SciLinux: SLSA-2020-2040-1 Important: squid on SL7.x x86_64
Summary
Important: squid security update
Security Fixes
* squid: improper check for new member in ESIExpression::Evaluate allows
for stack buffer overflow (CVE-2019-12519)
* squid: improper access restriction upon Digest Authentication nonce
replay could lead to remote code execution (CVE-2020-11945)
* squid: parsing of header Proxy-Authentication leads to memory corruption
(CVE-2019-12525)
SL7
x86_64
squid-3.5.20-15.el7_8.1.x86_64.rpm
squid-debuginfo-3.5.20-15.el7_8.1.x86_64.rpm
squid-migration-script-3.5.20-15.el7_8.1.x86_64.rpm
squid-sysvinit-3.5.20-15.el7_8.1.x86_64.rpm
- Scientific Linux Development Team