Revision Date: | 2021-06-11 | Version: | 1 |
Title: | Security update for squid (Important) |
Description: |
This update for squid fixes the following issues:
- update to 4.15: - CVE-2021-28652: Broken cache manager URL parsing (bsc#1185918) - CVE-2021-28651: Memory leak in RFC 2169 response parsing (bsc#1185921) - CVE-2021-28662: Limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs (bsc#1185919) - CVE-2021-31806: Handle more Range requests (bsc#1185916) - CVE-2020-25097: HTTP Request Smuggling vulnerability (bsc#1183436) - Handle more partial responses (bsc#1185923) - fix previous change to reinstante permissions macros, because the wrong path has been used (bsc#1171569). - use libexecdir instead of libdir to conform to recent changes in Factory (bsc#1171164). - Reinstate permissions macros for pinger binary, because the permissions package is also responsible for setting up the cap_net_raw capability, currently a fresh squid install doesn't get a capability bit at all (bsc#1171569). - Change pinger and basic_pam_auth helper to use standard permissions. pinger uses cap_net_raw=ep instead (bsc#1171569)
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1171164 1171569 1183436 1185916 1185918 1185919 1185921 1185923 CVE-2020-25097 CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 SUSE-SU-2021:1961-1
|
Platform(s): | SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS is installed AND squid-4.15-5.26.1 is installed
|