Synopsis: Moderate: squid security and bug fix update
Advisory ID: SLSA-2020:1068-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-13345
CVE-2018-1000024
CVE-2018-1000027
—
* squid: Incorrect pointer handling when processing ESI Responses can lead
to denial of service
* squid: Incorrect pointer handling in HTTP processing and certificate
download can lead to denial of service
* squid: XSS via user_name or auth parameter in cachemgr.cgi
—
SL7
x86_64
squid-3.5.20-15.el7.x86_64.rpm
squid-migration-script-3.5.20-15.el7.x86_64.rpm
squid-debuginfo-3.5.20-15.el7.x86_64.rpm
squid-sysvinit-3.5.20-15.el7.x86_64.rpm
– Scientific Linux Development Team
