ELSA-2020-4082
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-4082
ELSA-2020-4082 - squid security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2020-10-08 |
Description
[7:3.5.20-17.4]
- Resolves: #1872349 - CVE-2020-24606 squid: Improper Input Validation could
result in a DoS
- Resolves: #1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could
result in cache poisoning
- Resolves: #1872342 - CVE-2020-15811 squid: HTTP Request Splitting could
result in cache poisoning
[7:3.5.20-17.2]
- Resolves: #1802516 - CVE-2020-8449 squid: Improper input validation issues
in HTTP Request processing
- Resolves: #1802515 - CVE-2020-8450 squid: Buffer overflow in a Squid acting
as reverse-proxy
- Resolves: #1853129 - CVE-2020-15049 squid: request smuggling and poisoning
attack against the HTTP cache
- Resolves: #1802517 - CVE-2019-12528 squid: Information Disclosure issue in
FTP Gateway
[7:3.5.20-17]
- Resolves: #1828361 - CVE-2020-11945 squid: improper access restriction upon
Digest Authentication nonce replay could lead to remote code execution
- Resolves: #1828362 - CVE-2019-12519 squid: improper check for new member in
ESIExpression::Evaluate allows for stack buffer overflow [rhel
[7:3.5.20-16]
- Resolves: #1738582 - CVE-2019-12525 squid: parsing of header
Proxy-Authentication leads to memory corruption
Related CVEs
| CVE-2020-15810 |
| CVE-2020-15811 |
| CVE-2019-12528 |
| CVE-2020-8450 |
| CVE-2020-15049 |
| CVE-2020-24606 |
| CVE-2020-8449 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | squid-3.5.20-17.el7_9.4.src.rpm | 7ce14edbd08393949743d4d200774923 | ELSA-2021-1135 |
| squid-3.5.20-17.el7_9.4.aarch64.rpm | 17c9552faa464f2b68c20bb9d5218839 | ELSA-2021-1135 | |
| squid-migration-script-3.5.20-17.el7_9.4.aarch64.rpm | aa4ea7cf38b05dd67b5cd5d9c12ca655 | ELSA-2021-1135 | |
| squid-sysvinit-3.5.20-17.el7_9.4.aarch64.rpm | 5b4059241bfbdd10b2f3afe6a102c136 | ELSA-2021-1135 | |
| Oracle Linux 7 (x86_64) | squid-3.5.20-17.el7_9.4.src.rpm | 7ce14edbd08393949743d4d200774923 | ELSA-2021-1135 |
| squid-3.5.20-17.el7_9.4.x86_64.rpm | c7a92c8c67bc066b0cf1093bb8713448 | ELSA-2021-1135 | |
| squid-migration-script-3.5.20-17.el7_9.4.x86_64.rpm | 31d05907b1491eba1f173b3c23b40c28 | ELSA-2021-1135 | |
| squid-sysvinit-3.5.20-17.el7_9.4.x86_64.rpm | bdbfeb36d162880adfed873a8862d01b | ELSA-2021-1135 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
