openSUSE: 2020:1346-1: critical: squid
Description
This update for squid fixes the following issues: squid was updated to version 4.13: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply (bsc#1175671). - CVE-2020-15811: Improve Transfer-Encoding handling (bsc#1175665). - CVE-2020-15810: Enforce token characters for field-name (bsc#1175664). This update was imported from the SUSE:SLE-15:Update update project.
Patch
Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1346=1
Package List
- openSUSE Leap 15.1 (x86_64): squid-4.13-lp151.2.24.1 squid-debuginfo-4.13-lp151.2.24.1 squid-debugsource-4.13-lp151.2.24.1
References
https://www.suse.com/security/cve/CVE-2020-15049.html https://www.suse.com/security/cve/CVE-2020-15810.html https://www.suse.com/security/cve/CVE-2020-15811.html https://www.suse.com/security/cve/CVE-2020-24606.html https://bugzilla.suse.com/1173455 https://bugzilla.suse.com/1175664 https://bugzilla.suse.com/1175665 https://bugzilla.suse.com/1175671--