ELSA-2024-0071 - squid security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2024-01-10 |
Description
[7:5.5-6.0.1.el9_3.5]
- squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
- squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
- squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
- squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | squid-5.5-6.0.1.el9_3.5.src.rpm | ca887eaa241f737d79c2ffeac05d7e0f251a94dc913c3ea4ddb19fc349625053 | - | ol9_aarch64_appstream |
| squid-5.5-6.0.1.el9_3.5.aarch64.rpm | 036f5f8bd3b2db4b4c30fdcbada2ca35f95dc83397bdc425bd3ef444fe997326 | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | squid-5.5-6.0.1.el9_3.5.src.rpm | ca887eaa241f737d79c2ffeac05d7e0f251a94dc913c3ea4ddb19fc349625053 | - | ol9_x86_64_appstream |
| squid-5.5-6.0.1.el9_3.5.x86_64.rpm | 360ab25b7dc9a736d9af375304138286c6310633b51282f9fbfc18e92ea26cb7 | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
