ELSA-2023-16656 - squid security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-02-15 |
Description
[7:4.15-3.0.3.1]
- Add libtool-ltdl to squid Requires: [Orabug: 34992040]
[ - 7:4.15-3.0.1.1]
- Obsolete squid-sysvinit [Jira: OLDIS-20090]
[7:4.15-3.1]
- Resolves: #2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher
server responses
[7:4.15-3]
- Resolves: #1941506 - CVE-2021-28116 squid:4/squid: out-of-bounds read in WCCP
protocol data may lead to information disclosure
[7:4.15-2]
- Resolves: #2006121 - SQUID shortens FTP Link wrong that contains a semi-colon
and as a result is not able to download zip file.CODE 404 TO CLIENT)
[7:4.15-1]
- new version 4.15
- Resolves: #1964384 - squid:4 rebase to 4.15
[7:4.11-5]
- Resolves: #1944261 - CVE-2020-25097 squid:4/squid: improper input validation
may allow a trusted client to perform HTTP Request Smuggling
[7:4.11-4]
- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in
cachemgr.cgi
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (aarch64) | squid-4.15-3.0.1.el7.1.src.rpm | 37dc5d8ec5138a7eba0d07bf7d98eb4d | - |
| squid-4.15-3.0.1.el7.1.aarch64.rpm | 50da2cd8a166620bf59ae2ca97cfbb29 | - |
|
| Oracle Linux 7 (x86_64) | squid-4.15-3.0.3.el7_9.1.src.rpm | 3b6fcd2533c7fc7b3f5f396cb1a9f5fb | - |
| squid-4.15-3.0.3.el7_9.1.x86_64.rpm | 734aa32cf1426dad01a80f8377d86880 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
