Description:
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Security Fix(es):
* squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow (CVE-2019-12519)
* squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution (CVE-2020-11945)
* squid: parsing of header Proxy-Authentication leads to memory corruption (CVE-2019-12525)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.aarch64.rpm |
55e3f425f9b79d25a1b7886223c57dc2ec531e67854501992274d404e0f1a950 |
| aarch64 |
libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.aarch64.rpm |
c6410e4bb614a814925e18f8c72f24ebafaf58481f30e6c70024919f51b4739b |
| ppc64le |
libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.ppc64le.rpm |
66453ca7b12ce16e17ae04c9ebcd5f451f151148ef13dd9f13c31fec5fbcd9d2 |
| ppc64le |
libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.ppc64le.rpm |
d36d6e8d7784be4644a74c6e52693c28ecea72e084690277ac0632dd21819db0 |
| x86_64 |
libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.x86_64.rpm |
1cbc8a0c82dbc6330bd8880c0db4cdc3ef8d59ecafa7ded1aa5431d18933a432 |
| x86_64 |
libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.x86_64.rpm |
4d62ea1c65382c3acfe697af449cc2c673d03660a3a39f6c0b1e71e09f5fe8df |
