ELSA-2020-2041

ELSA-2020-2041 - squid:4 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2020-05-12

Description


squid
[7:4.4-8.1]
- Resolves: #1828368 - CVE-2019-12519 squid: improper check for new member in
ESIExpression::Evaluate allows for stack buffer overflow
- Resolves: #1828367 - CVE-2020-11945 squid: improper access restriction upon
Digest Authentication nonce replay could lead to remote code execution
- Resolves: #1829402 - CVE-2019-12525 squid:4/squid: parsing of header
Proxy-Authentication leads to memory corruption


Related CVEs


CVE-2019-12519
CVE-2020-11945
CVE-2019-12525

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) libecap-1.0.1-2.module+el8.1.0+5405+03b963f4.src.rpm1f9e6542d4a47e5197695102c7eedafe84d1bde514691ca49b58989ac398348a-ol8_aarch64_appstream
squid-4.4-8.module+el8.2.0+7611+d512f060.1.src.rpm95f2a2641ef5ec1ec47da7d16f92a8878b521634801b441638dd9455137e80c7-ol8_aarch64_appstream
libecap-1.0.1-2.module+el8.1.0+5405+03b963f4.aarch64.rpm4ada6cd25a359fdfb1ebefb61eec2038bf1e24c7141e7edbf51f65d30e35a5f3-ol8_aarch64_appstream
libecap-devel-1.0.1-2.module+el8.1.0+5405+03b963f4.aarch64.rpm4db73e04f3855bf17a227dd7eec18ff233b5049e0c18ab2a0a4ad3b9b2a15853-ol8_aarch64_appstream
squid-4.4-8.module+el8.2.0+7611+d512f060.1.aarch64.rpma39918b617648bba77beb90089caaa72fbc85724863832d96828c46d030b8bc6-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) libecap-1.0.1-2.module+el8.1.0+5405+03b963f4.src.rpm1f9e6542d4a47e5197695102c7eedafe84d1bde514691ca49b58989ac398348a-ol8_x86_64_appstream
squid-4.4-8.module+el8.2.0+7611+d512f060.1.src.rpm95f2a2641ef5ec1ec47da7d16f92a8878b521634801b441638dd9455137e80c7-ol8_x86_64_appstream
libecap-1.0.1-2.module+el8.1.0+5405+03b963f4.x86_64.rpm42db50c4b6ef56c7f2a1252d56eb09021b9061d28d8be33d10a015c199ef4305-ol8_x86_64_appstream
libecap-devel-1.0.1-2.module+el8.1.0+5405+03b963f4.x86_64.rpm65071911cde31fc585dae832d5cbf2ca4460606fbfdf60c92e8cd7efe0b90dc0-ol8_x86_64_appstream
squid-4.4-8.module+el8.2.0+7611+d512f060.1.x86_64.rpm892b3a2cc3a4cb1fe9ae4c7a7fa02b11055e6a5bc29179428aa8f97fd087ead9-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete