ELSA-2024-0071

ELSA-2024-0071 - squid security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2024-01-10

Description


[7:5.5-6.0.1.el9_3.5]
- squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
- squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
- squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
- squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)


Related CVEs


CVE-2023-46724
CVE-2023-49285
CVE-2023-46728
CVE-2023-49286

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) squid-5.5-6.0.1.el9_3.5.src.rpmca887eaa241f737d79c2ffeac05d7e0f251a94dc913c3ea4ddb19fc349625053-ol9_aarch64_appstream
squid-5.5-6.0.1.el9_3.5.aarch64.rpm036f5f8bd3b2db4b4c30fdcbada2ca35f95dc83397bdc425bd3ef444fe997326-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) squid-5.5-6.0.1.el9_3.5.src.rpmca887eaa241f737d79c2ffeac05d7e0f251a94dc913c3ea4ddb19fc349625053-ol9_x86_64_appstream
squid-5.5-6.0.1.el9_3.5.x86_64.rpm360ab25b7dc9a736d9af375304138286c6310633b51282f9fbfc18e92ea26cb7-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete