Stay Connected:

ELSA-2024-0046

ELSA-2024-0046 - squid:4 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2024-01-04

Description


libecap
squid
[7:4.15-7.5]
- Fix squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
- Fix squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
- Fix squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
- Fix squid: Incorrect Check of Function Return Value In Helper Process management(CVE-2023-49286)

[7:4.15-7.3]
- Fix squid: DoS against HTTP and HTTPS (CVE-2023-5824)

[7:4.15-7.1]
- Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest
Authentication
- Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1
and ICAP


Related CVEs


CVE-2023-49286
CVE-2023-46728
CVE-2023-49285
CVE-2023-46724

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) libecap-1.0.1-2.module+el8.9.0+90083+f7556140.src.rpmbec878a867b1f4f4f809e660ec3852c4e9dc9ed281d3bb8f19c0846a53763de6-ol8_aarch64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.src.rpmbfea5e7a33f48a5b14fb05a6f6af4dd706a353326b72832625e8cdf131cb1e78-ol8_aarch64_appstream
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm44b7d303b0706f02bf8f6c764ccdbfdb723bda7fe9458c8b4f45e8cc5f9e53a9-ol8_aarch64_appstream
libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm9c28b594b51fa9966956f5def632f33067dafb86207c324f2c7dfc8b0dcf466e-ol8_aarch64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.aarch64.rpm5e78542828e6b52a2b1b9b92b4e5d80976f94abf41704d47f82c8495882bdaf3-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) libecap-1.0.1-2.module+el8.9.0+90083+f7556140.src.rpmbec878a867b1f4f4f809e660ec3852c4e9dc9ed281d3bb8f19c0846a53763de6-ol8_x86_64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.src.rpmbfea5e7a33f48a5b14fb05a6f6af4dd706a353326b72832625e8cdf131cb1e78-ol8_x86_64_appstream
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpma19a8fe60034442365ebe4867be57efaf3dd84f45d1c064789c6a86b792bc997-ol8_x86_64_appstream
libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpmd826fa957ede16c5b3db470182a176678ec52971afdaf4fdd4c0e47eb78951c9-ol8_x86_64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.x86_64.rpm683c3d2901856ccb7f53e0572ed890377ec64d62c92b186cfb874710b4074257-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights