squid:4 security update
エラータID: AXSA:2022-3793:01
Release date:
Monday, September 5, 2022 - 23:30
Subject:
squid:4 security update
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Security Fix(es):
* squid: DoS when processing gopher server responses (CVE-2021-46784)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-46784
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Modularity name: squid
Stream name: 4
Solution:
Update packages.
CVEs:
CVE-2021-46784
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
Additional Info:
N/A
Download:
SRPMS
- libecap-1.0.1-2.module+el8+1515+d2468be4.src.rpm
MD5: 8976afbc65759ca4a4326f1845bb2240
SHA-256: 120fd3b157a35d00d702dd1f0de843113ba6d27bdab436179456ddda6ca1cdac
Size: 343.56 kB - squid-4.15-3.module+el8+1515+d2468be4.1.src.rpm
MD5: af3964b0509061d02cae5c290d697ba6
SHA-256: 20665d59197bad98bbc238add0926258cd94b47a265df84717dca76ff7ad3f2a
Size: 2.43 MB
Asianux Server 8 for x86_64
- libecap-1.0.1-2.module+el8+1515+d2468be4.x86_64.rpm
MD5: ab7eac50268d429f210ca356a5f3416c
SHA-256: 82f2339c76cd509a15b0766a55883af281d81ea51007779b58ca8c5ffcfdd656
Size: 27.74 kB - libecap-debugsource-1.0.1-2.module+el8+1515+d2468be4.x86_64.rpm
MD5: 6959a0293501e01d0aa04da73c971e14
SHA-256: a3419e3bd4231faf1f9393ce91f3cd021e8bf76ece093ef41e105fb280f2b016
Size: 18.91 kB - libecap-devel-1.0.1-2.module+el8+1515+d2468be4.x86_64.rpm
MD5: 6412c6a839e996dbff25cd36bcd35671
SHA-256: 1c0b0245642e4ff65350672d9014f6a90284635e3353b3203065296892302e64
Size: 20.44 kB - squid-4.15-3.module+el8+1515+d2468be4.1.x86_64.rpm
MD5: 0d2af98229613d001a2f1c720bba95fa
SHA-256: 6f8bc474aa9bd10010496b8b417854366f0c4d89735dcfda8338724d4c359325
Size: 3.57 MB - squid-debugsource-4.15-3.module+el8+1515+d2468be4.1.x86_64.rpm
MD5: a9fe6a4fe2b08dac5a263a954310e92c
SHA-256: ca7e30153c70743d058b9b4b664ef6aa3e44f96523ed95a61052019f52db3644
Size: 1.74 MB
日本語