1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2023:4381-1

[SUSE-SU-2023:4381-1] Security update for squid

Severity Important
Affected Packages 4
CVEs 4
Info Packages References Vulnerabilities

Security update for squid

This update for squid fixes the following issues:

  • CVE-2023-46846: Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500).
  • CVE-2023-46847: Denial of Service in HTTP Digest Authentication (bsc#1216495).
  • CVE-2023-46724: Fix validation of certificates with CN=* (bsc#1216803).
  • CVE-2023-46848: Denial of Service in FTP (bsc#1216498).
Package Affected Version
pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=5 < 4.17-4.30.1
pkg:rpm/suse/squid?arch=s390x&distro=sles-12&sp=5 < 4.17-4.30.1
pkg:rpm/suse/squid?arch=ppc64le&distro=sles-12&sp=5 < 4.17-4.30.1
pkg:rpm/suse/squid?arch=aarch64&distro=sles-12&sp=5 < 4.17-4.30.1
ID
SUSE-SU-2023:4381-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2023/suse-su-20234381-1/
Published
2023-11-06T15:51:39
(10 months ago)
Modified
2023-11-06T15:51:39
(10 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/squid?arch=x86_64&distro=sles-12&sp=5 suse squid < 4.17-4.30.1 sles-12 x86_64
Affected pkg:rpm/suse/squid?arch=s390x&distro=sles-12&sp=5 suse squid < 4.17-4.30.1 sles-12 s390x
Affected pkg:rpm/suse/squid?arch=ppc64le&distro=sles-12&sp=5 suse squid < 4.17-4.30.1 sles-12 ppc64le
Affected pkg:rpm/suse/squid?arch=aarch64&distro=sles-12&sp=5 suse squid < 4.17-4.30.1 sles-12 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date