[ELSA-2015-2378] squid security and bug fix update
[7:3.3.8-26]
- Related: #1186768 - removing patch, because of missing tests and
incorrent patch
[7:3.3.8-25]
- Related: #1102842 - squid rpm package misses /var/run/squid needed for
smp mode. Squid needs write access to /var/run/squid.
[7:3.3.8-24]
- Related: #1102842 - squid rpm package misses /var/run/squid needed for
smp mode. Creation of /var/run/squid was also needed to be in SPEC file.
[7:3.3.8-23]
- Related: #1102842 - squid rpm package misses /var/run/squid needed for
smp mode. Creation of this directory was moved to tmpfiles.d conf file.
[7:3.3.8-22]
- Related: #1102842 - squid rpm package misses /var/run/squid needed for
smp mode. Creation of this directory was moved to service file.
[7:3.3.8-21]
- Resolves: #1263338 - squid with digest auth on big endian systems
start looping
[7:3.3.8-20]
- Resolves: #1186768 - security issue: Nonce replay vulnerability
in Digest authentication
[7:3.3.8-19]
- Resolves: #1225640 - squid crashes by segfault when it reboots
[7:3.3.8-18]
- Resolves: #1102842 - squid rpm package misses /var/run/squid needed for
smp mode
[7:3.3.8-17]
- Resolves: #1233265 - CVE-2015-3455 squid: incorrect X509 server
certificate validation
[7:3.3.8-16]
- Resolves: #1080042 - Supply a firewalld service file with squid
[7:3.3.8-15]
- Resolves: #1161600 - Squid does not serve cached responses
with Vary headers
[7:3.3.8-14]
- Resolves: #1198778 - Filedescriptor leaks on snmp
[7:3.3.8-13]
- Resolves: #1204375 - squid sends incorrect ssl chain breaking newer gnutls
using applications
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/squid?distro=oraclelinux-7 | < 3.3.8-26.el7 |
pkg:rpm/oraclelinux/squid-sysvinit?distro=oraclelinux-7 | < 3.3.8-26.el7 |
- ID
- ELSA-2015-2378
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2015-2378.html
- Published
-
2015-11-23T00:00:00
(8 years ago) - Modified
-
2015-11-23T00:00:00
(8 years ago) - Rights
- Copyright 2015 Oracle, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2015-2378 | http://linux.oracle.com/errata/ELSA-2015-2378.html | |
CVE | CVE-2015-3455 | http://linux.oracle.com/cve/CVE-2015-3455 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/squid?distro=oraclelinux-7 | oraclelinux | squid | < 3.3.8-26.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/squid-sysvinit?distro=oraclelinux-7 | oraclelinux | squid-sysvinit | < 3.3.8-26.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |