[SUSE-SU-2022:2392-1] Security update for squid
Severity
Important
Affected Packages
6
CVEs
3
Security update for squid
This update for squid fixes the following issues:
- CVE-2020-25097: Fixed HTTP Request Smuggling (bsc#1183436)
- CVE-2021-28651: Fixed DoS in URN processing (bsc#1185921)
- CVE-2021-46784: Fixed DoS when processing gopher server responses (bsc#1200907)
Package | Affected Version |
---|---|
pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=4 | < 3.5.21-26.35.1 |
pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=3 | < 3.5.21-26.35.1 |
pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=2 | < 3.5.21-26.35.1 |
pkg:rpm/suse/squid?arch=s390x&distro=sles-12&sp=4 | < 3.5.21-26.35.1 |
pkg:rpm/suse/squid?arch=ppc64le&distro=sles-12&sp=4 | < 3.5.21-26.35.1 |
pkg:rpm/suse/squid?arch=aarch64&distro=sles-12&sp=4 | < 3.5.21-26.35.1 |
- ID
- SUSE-SU-2022:2392-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20222392-1/
- Published
-
2022-07-13T18:14:01
(2 years ago) - Modified
-
2022-07-13T18:14:01
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1677
- ALAS-2023-1687
- ALAS2-2021-1631
- ALAS2-2023-1907
- ALAS2-2023-1950
- ALPINE:CVE-2020-25097
- ALPINE:CVE-2021-28651
- ALSA-2021:1979
- ALSA-2021:4292
- ALSA-2022:5526
- ALSA-2022:5527
- ASA-202105-10
- DSA-4873-1
- DSA-4924-1
- DSA-5171-1
- ELSA-2021-1135
- ELSA-2021-1979
- ELSA-2021-4292
- ELSA-2021-9465
- ELSA-2022-5526
- ELSA-2022-5527
- ELSA-2022-5542
- ELSA-2023-16656
- FEDORA-2021-24af72ff2c
- FEDORA-2021-76f09062a7
- FEDORA-2021-7d86bec29e
- FEDORA-2021-c0bec55ec7
- FEDORA-2021-ecb24e0b9d
- FEDORA-2022-0fa51087e7
- FEDORA-2022-d22a045d7a
- GLSA-202105-14
- openSUSE-SU-2021:0879-1
- openSUSE-SU-2021:1961-1
- RHSA-2021:1135
- RHSA-2021:1979
- RHSA-2021:4292
- RHSA-2022:5526
- RHSA-2022:5527
- RHSA-2022:5542
- RLSA-2021:1979
- RLSA-2021:4292
- RLSA-2022:5526
- SUSE-SU-2021:1838-1
- SUSE-SU-2021:1961-1
- SUSE-SU-2022:2359-1
- SUSE-SU-2022:2367-1
- SUSE-SU-2022:2553-1
- USN-4895-1
- USN-4981-1
- USN-5491-1
- USN-6857-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2392-1.json | |
Suse | URL for SUSE-SU-2022:2392-1 | https://www.suse.com/support/update/announcement/2022/suse-su-20222392-1/ | |
Suse | E-Mail link for SUSE-SU-2022:2392-1 | https://lists.suse.com/pipermail/sle-security-updates/2022-July/011543.html | |
Bugzilla | SUSE Bug 1183436 | https://bugzilla.suse.com/1183436 | |
Bugzilla | SUSE Bug 1185921 | https://bugzilla.suse.com/1185921 | |
Bugzilla | SUSE Bug 1200907 | https://bugzilla.suse.com/1200907 | |
CVE | SUSE CVE CVE-2020-25097 page | https://www.suse.com/security/cve/CVE-2020-25097/ | |
CVE | SUSE CVE CVE-2021-28651 page | https://www.suse.com/security/cve/CVE-2021-28651/ | |
CVE | SUSE CVE CVE-2021-46784 page | https://www.suse.com/security/cve/CVE-2021-46784/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=4 | suse | squid | < 3.5.21-26.35.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=3 | suse | squid | < 3.5.21-26.35.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=2 | suse | squid | < 3.5.21-26.35.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/squid?arch=s390x&distro=sles-12&sp=4 | suse | squid | < 3.5.21-26.35.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/squid?arch=ppc64le&distro=sles-12&sp=4 | suse | squid | < 3.5.21-26.35.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/squid?arch=aarch64&distro=sles-12&sp=4 | suse | squid | < 3.5.21-26.35.1 | sles-12 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |