1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2020-1068

[ELSA-2020-1068] squid security and bug fix update

Severity Moderate
Affected Packages 3
CVEs 3
Info Packages References Vulnerabilities

[7:3.5.20-15]
- Resolves: #1690551 - Squid cache_peer DNS lookup failed when not all lower
case
- Resolves: #1680022 - squid cant display download/upload packet size for HTTPS
sites
- Resolves: #1717430 - Excessive memory usage when running out of descriptors
- Resolves: #1676420 - Cache siblings return wrongly cached gateway timeouts
- Resolves: #1729435 - CVE-2019-13345 squid: XSS via user_name or auth parameter
in cachemgr.cgi
- Resolves: #1582301 - CVE-2018-1000024 CVE-2018-1000027 squid: various flaws

[7:3.5.20-13]
- Resolves: #1620546 - migration of upstream squid

Package Affected Version
pkg:rpm/oraclelinux/squid?distro=oraclelinux-7 < 3.5.20-15.el7
pkg:rpm/oraclelinux/squid-sysvinit?distro=oraclelinux-7 < 3.5.20-15.el7
pkg:rpm/oraclelinux/squid-migration-script?distro=oraclelinux-7 < 3.5.20-15.el7
ID
ELSA-2020-1068
Severity
moderate
URL
https://linux.oracle.com/errata/ELSA-2020-1068.html
Published
2020-04-06T00:00:00
(4 years ago)
Modified
2020-04-06T00:00:00
(4 years ago)
Rights
Copyright 2020 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/squid?distro=oraclelinux-7 oraclelinux squid < 3.5.20-15.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/squid-sysvinit?distro=oraclelinux-7 oraclelinux squid-sysvinit < 3.5.20-15.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/squid-migration-script?distro=oraclelinux-7 oraclelinux squid-migration-script < 3.5.20-15.el7 oraclelinux-7
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date