[ELSA-2024-1376] squid security update

Severity Important

Affected Packages 1

CVEs 3

[7:5.5-6.0.1.8]
- Rebuild with release bump

[7:5.5-6.8]
- Resolves: RHEL-19555 - squid: denial of service in HTTP request
parsing (CVE-2023-50269)

[7:5.5-6.7]
- Resolves: RHEL-28614 - squid: Denial of Service in HTTP Chunked
Decoding (CVE-2024-25111)

[7:5.5-6.6]
- Resolves: RHEL-26091 - squid: denial of service in HTTP header
parser (CVE-2024-25617)

Package	Affected Version
pkg:rpm/oraclelinux/squid?distro=oraclelinux-9.3	< 5.5-6.0.1.el9_3.8

ID

ELSA-2024-1376

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2024-1376.html

Published

2024-03-20T00:00:00
(6 months ago)

Modified

2024-03-20T00:00:00
(6 months ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2024-1376	https://linux.oracle.com/errata/ELSA-2024-1376.html
CVE	CVE-2023-50269	https://linux.oracle.com/cve/CVE-2023-50269.html
CVE	CVE-2024-25111	https://linux.oracle.com/cve/CVE-2024-25111.html
CVE	CVE-2024-25617	https://linux.oracle.com/cve/CVE-2024-25617.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/oraclelinux/squid?distro=oraclelinux-9.3	oraclelinux	squid	< 5.5-6.0.1.el9_3.8	oraclelinux-9.3

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date