squid:4 security and bug fix update
エラータID: AXSA:2022-3562:01
リリース日:
2022/07/19 Tuesday - 09:08
題名:
squid:4 security and bug fix update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Squid には、WCCP プロトコルデータのメモリ範囲外読み取りに起因して
データが本来読み取れない情報の読み取りを許容する脆弱性があります。
(CVE-2021-28116)
Modularity name: squid
Stream name: 4
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-28116
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
追加情報:
N/A
ダウンロード:
SRPMS
- libecap-1.0.1-2.module+el8+1490+47f17372.src.rpm
MD5: ec77fa86a4daf4d2f96923dc6eb840e3
SHA-256: 6dfcdb31b7b8d15e08c306a7e8eee2bdac9c3a1f9ed149d60c59d55e97aebe7f
Size: 343.56 kB - squid-4.15-3.module+el8+1490+47f17372.src.rpm
MD5: 070eb2eb4950e73db5d44c7f942fadcc
SHA-256: d5d49b95e6168428e083c28c440dfb0c0534428396f23013efd2c45da412b9af
Size: 2.43 MB
Asianux Server 8 for x86_64
- libecap-1.0.1-2.module+el8+1490+47f17372.x86_64.rpm
MD5: 740c609530f6186706157e500b4fe5c5
SHA-256: fa25b5f433ff7481f7aeba4b70fd18a82c0a226a0912c5a84c3a44f5284e3e63
Size: 27.74 kB - libecap-debugsource-1.0.1-2.module+el8+1490+47f17372.x86_64.rpm
MD5: 8331ea6b2c416e4a2beee0be581f0bf3
SHA-256: 28ca96075b0559a0783acaa6158872accab3959f1d9ec5f4e90ef6581d66b9cd
Size: 18.90 kB - libecap-devel-1.0.1-2.module+el8+1490+47f17372.x86_64.rpm
MD5: 1c99a27e11ac11b34b9354a16b70600f
SHA-256: cafed1643fdb4d2b21ce467eda9c8827edea6c958cd4056a339e15708860d930
Size: 20.44 kB - squid-4.15-3.module+el8+1490+47f17372.x86_64.rpm
MD5: 887a7f5b593e602b1e3c7bc4ce378c46
SHA-256: c9fa66b6a5acfa711877264d36c750b9f84d7d5e973a1ee1e2357ef24e3cf5c1
Size: 3.57 MB - squid-debugsource-4.15-3.module+el8+1490+47f17372.x86_64.rpm
MD5: 1de8f770dd75e93e744c83b515735af4
SHA-256: b73a075da300eb3566dad9723d8ee4be3cfd8b0008c26cd543f934856dd0598a
Size: 1.74 MB
English