====================================================================
Red Hat Security Advisory

Synopsis:          Important: squid:4 security update
Advisory ID:       RHSA-2022:6774-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6774
Issue date:        2022-10-04
CVE Names:         CVE-2022-41318
====================================================================

1. Summary:

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

* squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the squid service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2129771 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB authentication

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
squid-4.4-8.module+el8.1.0+16758+65e5269e.5.src.rpm

aarch64:
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
squid-4.4-8.module+el8.1.0+16758+65e5269e.5.aarch64.rpm
squid-debuginfo-4.4-8.module+el8.1.0+16758+65e5269e.5.aarch64.rpm
squid-debugsource-4.4-8.module+el8.1.0+16758+65e5269e.5.aarch64.rpm

ppc64le:
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
squid-4.4-8.module+el8.1.0+16758+65e5269e.5.ppc64le.rpm
squid-debuginfo-4.4-8.module+el8.1.0+16758+65e5269e.5.ppc64le.rpm
squid-debugsource-4.4-8.module+el8.1.0+16758+65e5269e.5.ppc64le.rpm

s390x:
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
squid-4.4-8.module+el8.1.0+16758+65e5269e.5.s390x.rpm
squid-debuginfo-4.4-8.module+el8.1.0+16758+65e5269e.5.s390x.rpm
squid-debugsource-4.4-8.module+el8.1.0+16758+65e5269e.5.s390x.rpm

x86_64:
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
squid-4.4-8.module+el8.1.0+16758+65e5269e.5.x86_64.rpm
squid-debuginfo-4.4-8.module+el8.1.0+16758+65e5269e.5.x86_64.rpm
squid-debugsource-4.4-8.module+el8.1.0+16758+65e5269e.5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-41318
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

-- 
RHSA-announce mailing list
Several vulnerabilities were discovered in Squid, a proxy caching server. CVE-2021-28651.

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2685-1
====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: squid34 security update
Advisory ID:       RHSA-2016:1140-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2016:1140
Issue date:        2016-05-31
CVE Names:         CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054
                   CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556
====================================================================

1. Summary:

An update for squid34 is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

The "squid34" packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Note that apart from "squid34", this version of Red Hat Enterprise Linux also includes the "squid" packages which provide Squid version 3.1.

Security Fix(es):

* A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code. (CVE-2016-4051)

* Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack memory, or possibly execute arbitrary code as the user running Squid. (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054)

* An input validation flaw was found in the way Squid handled intercepted HTTP Request messages. An attacker could use this flaw to bypass the protection against issues related to CVE-2009-0801, and perform cache poisoning attacks on Squid. (CVE-2016-4553)

* An input validation flaw was found in Squid's mime_get_header_field() function, which is used to search for headers within HTTP requests. An attacker could send an HTTP request from the client side with a specially crafted Host header that bypasses same-origin security protections, causing Squid operating as an interception or reverse proxy to contact the wrong origin server. It could also be used for cache poisoning for clients not following RFC 7230. (CVE-2016-4554)

* A NULL pointer dereference flaw was found in the way Squid processes ESI responses. If Squid was used as a reverse proxy or for TLS/HTTPS interception, a malicious server could use this flaw to crash the Squid worker process. (CVE-2016-4555)

* An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as a reverse proxy or for TLS/HTTPS interception, an attacker controlling a server accessed by Squid could crash the squid worker, causing a denial of service. (CVE-2016-4556)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the squid service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1329126 - CVE-2016-4051 squid: buffer overflow in cachemgr.cgi
1329136 - CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple issues in ESI processing
1334233 - CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling
1334241 - CVE-2016-4554 squid: Header Smuggling issue in HTTP Request processing
1334246 - CVE-2016-4555 squid: SegFault from ESIInclude::Start
1334786 - CVE-2016-4556 squid: SIGSEGV in ESIContext response handling

6. Package List:

Red Hat Enterprise Linux Server (v. 6):

Source:
squid34-3.4.14-9.el6_8.3.src.rpm

i386:
squid34-3.4.14-9.el6_8.3.i686.rpm
squid34-debuginfo-3.4.14-9.el6_8.3.i686.rpm

ppc64:
squid34-3.4.14-9.el6_8.3.ppc64.rpm
squid34-debuginfo-3.4.14-9.el6_8.3.ppc64.rpm

s390x:
squid34-3.4.14-9.el6_8.3.s390x.rpm
squid34-debuginfo-3.4.14-9.el6_8.3.s390x.rpm

x86_64:
squid34-3.4.14-9.el6_8.3.x86_64.rpm
squid34-debuginfo-3.4.14-9.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
squid34-3.4.14-9.el6_8.3.src.rpm

i386:
squid34-3.4.14-9.el6_8.3.i686.rpm
squid34-debuginfo-3.4.14-9.el6_8.3.i686.rpm

x86_64:
squid34-3.4.14-9.el6_8.3.x86_64.rpm
squid34-debuginfo-3.4.14-9.el6_8.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-4051
https://access.redhat.com/security/cve/CVE-2016-4052
https://access.redhat.com/security/cve/CVE-2016-4053
https://access.redhat.com/security/cve/CVE-2016-4054
https://access.redhat.com/security/cve/CVE-2016-4553
https://access.redhat.com/security/cve/CVE-2016-4554
https://access.redhat.com/security/cve/CVE-2016-4555
https://access.redhat.com/security/cve/CVE-2016-4556
https://access.redhat.com/security/updates/classification/#moderate
http://www.squid-cache.org/Advisories/SQUID-2016_5.txt
http://www.squid-cache.org/Advisories/SQUID-2016_6.txt
http://www.squid-cache.org/Advisories/SQUID-2016_7.txt
http://www.squid-cache.org/Advisories/SQUID-2016_8.txt
http://www.squid-cache.org/Advisories/SQUID-2016_9.txt

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.

-- 
Enterprise-watch-list mailing list
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-275
2005-03-30
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : squid
Version     : 2.5.STABLE9
Release     : 1.FC2.2
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

Note that squid-2.5.STABLE7 and later do not use /etc/squid/errors for error messages. If you do not want to use the default English error messages, you must set the error_directory in your /etc/squid/squid.conf to the appropriate subdirectory of /usr/share/squid/errors

---------------------------------------------------------------------
* Tue Mar 29 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.2
- more upstream patches
- include -libbind patch, to prevent squid from picking up a dependency on libbind.
- remove references to /etc/squid/errors, since squid now uses {_datadir}/squid/errors/English by default. (overridable in squid.conf)
- Mark {datadir}/squid/errors as config(noreplace) so custom error messages won't get scribbled on.

* Wed Mar 16 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.1
- New upstream version, with 14 upstream patches. Includes fix for bz#150234 cookie leak in squid
---------------------------------------------------------------------

This update can be downloaded from:

4f87823cc8d2e7dbbd1c6f0bc390c7a5  SRPMS/squid-2.5.STABLE9-1.FC2.2.src.rpm
e60b6b22ae7af50eca46e621155cfd90  x86_64/squid-2.5.STABLE9-1.FC2.2.x86_64.rpm
899e5cf5ee75a51ea8c2256bf4c2e205  x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.x86_64.rpm
f4bf9886e9c100e0ac9bf17b2e40f7d4  i386/squid-2.5.STABLE9-1.FC2.2.i386.rpm
9c06c585c6d113a154e99f8573c530dd  i386/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

---------------------------------------------------------------------
fedora-announce-list mailing list