[Apollo] Advisories Statistics light light Login

RLSA-2024:0046

Security Mirrored from RHSA-2024:0046
Issued at: 2024-01-09
Updated at: 2024-01-09

Synopsis

Important: squid:4 security update



Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

* squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)

* squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)

* squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)

* squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2247567 2248521 2252923 2252926

CVEs

CVE-2023-46724 CVE-2023-46728 CVE-2023-49285 CVE-2023-49286

Affected packages

Rocky Linux 8 aarch64 - AppStream

libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.src.rpm libecap-debuginfo-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm libecap-debugsource-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm libecap-devel-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.aarch64.rpm squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.src.rpm squid-debuginfo-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.aarch64.rpm squid-debugsource-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.src.rpm libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm libecap-debuginfo-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm libecap-debugsource-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm libecap-devel-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.src.rpm squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.x86_64.rpm squid-debuginfo-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.x86_64.rpm squid-debugsource-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.x86_64.rpm