ELSA-2023-6266

ULN >
Oracle Linux Errata repository >
ELSA-2023-6266

ELSA-2023-6266 - squid security update

Type:	SECURITY
Severity:	CRITICAL
Release Date:	2023-11-03

Description

[7:5.5-5.el9_2.1]
- Improve HTTP chunked encoding compliance (CVE-2023-46846)
- Fix stack buffer overflow when parsing Digest Authorization (CVE-2023-46847)
- Fix userinfo percent-encoding (CVE-2023-46848)

Related CVEs

CVE-2023-46847

CVE-2023-46848

CVE-2023-46846

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	squid-5.5-5.el9_2.1.src.rpm	eba86195df58cdc4644f3d303a97bdf2	-	ol9_aarch64_appstream
	squid-5.5-5.el9_2.1.aarch64.rpm	91e8a04f4b52c4d855d1b1da6eaf014e	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	squid-5.5-5.el9_2.1.src.rpm	eba86195df58cdc4644f3d303a97bdf2	-	ol9_x86_64_appstream
	squid-5.5-5.el9_2.1.x86_64.rpm	fb4531109f93d58dedf1f5b1539a3e23	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691