Advisory: CLSA-2022:1646060698
OS: CentOS 8.4 ELS
Public date: 2022-02-28
Project: squid
Version: 1.0.1-2.module_el8.4.0+2010+24c223d9
Errata link: https://errata.cloudlinux.com/centos8.4-els/CLSA-2022-1646060698.html
- CVE-2021-28651: Fix memory leak that perform DoS via buffer-management bug - CVE-2021-28652: Fix cache manager URL parsing that perform DoS via incorrect parser validation - CVE-2021-28662: Add limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs that perform DoS via certain response header - CVE-2021-31806: Add handling more partial responses that perform DoS via HTTP Range request - CVE-2021-31807: Add handling more partial responses that perform DoS via HTTP Range request - CVE-2021-31808: Add handling more partial responses that perform DoS via HTTP Range request - CVE-2021-33620: Add handling more partial responses that perform DoS via HTTP response
Update command: dnf update squid*
libecap-1.0.1-2.module_el8.4.0+2010+24c223d9.x86_64.rpm libecap-devel-1.0.1-2.module_el8.4.0+2010+24c223d9.x86_64.rpm squid-4.11-4.module_el8.4.0+2010+24c223d9.2.tuxcare.els1.x86_64.rpm