Oracle Linux 8 ELSA-2024-0046 Critical: Fixes for Squid DoS Issues
oracle
January 4, 2024
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Summary
libecap squid [7:4.15-7.5] - Fix squid: Denial of Service in SSL Certificate validation (CVE-2023-46724) - Fix squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728) - Fix squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285) - Fix squid: Incorrect Check of Function Return Value In Helper Process management(CVE-2023-49286) [7:4.15-7.3] - Fix squid: DoS against HTTP and HTTPS (CVE-2023-5824) [7:4.15-7.1] - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP
Topics Covered
SRPMs
https://oss.oracle.com:443/ol8/SRPMS-updates//libecap-1.0.1-2.module+el8.9.0+90083+f7556140.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//squid-4.15-7.module+el8.9.0+90111+615ac445.5.src.rpm
x86_64
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpm libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpm squid-4.15-7.module+el8.9.0+90111+615ac445.5.x86_64.rpm
aarch64
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm squid-4.15-7.module+el8.9.0+90111+615ac445.5.aarch64.rpm
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2023-46724
CVE-2023-46728
CVE-2023-49285
CVE-2023-49286
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!