Mehrere Probleme in squid
ID: | SUSE-SU-2020:2443-1 |
Distribution: | SUSE |
Plattformen: | SUSE Linux Enterprise Server 12-SP5 |
Datum: | Mi, 2. September 2020, 19:16 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15811 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15049 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15810 |
Applikationen: | Squid |
Originalnachricht |
|
SUSE Security Update: Security update for squid ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2443-1 Rating: critical References: #1173455 #1175664 #1175665 #1175671 Cross-References: CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 Affected Products: SUSE Linux Enterprise Server 12-SP5 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for squid fixes the following issues: squid was updated to version 4.13: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply (bsc#1175671). - CVE-2020-15811: Improve Transfer-Encoding handling (bsc#1175665). - CVE-2020-15810: Enforce token characters for field-name (bsc#1175664). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2443=1 Package List: - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): squid-4.13-4.15.1 squid-debuginfo-4.13-4.15.1 squid-debugsource-4.13-4.15.1 References: https://www.suse.com/security/cve/CVE-2020-15049.html https://www.suse.com/security/cve/CVE-2020-15810.html https://www.suse.com/security/cve/CVE-2020-15811.html https://www.suse.com/security/cve/CVE-2020-24606.html https://bugzilla.suse.com/1173455 https://bugzilla.suse.com/1175664 https://bugzilla.suse.com/1175665 https://bugzilla.suse.com/1175671 _______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates |