Issued:: 2024-11-14
Updated:: 2024-11-14

RHSA-2024:9624 - Security Advisory

Overview
Updated Packages

Synopsis

Important: squid:4 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

squid: Denial of Service processing ESI response content (CVE-2024-45802)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2322154 - CVE-2024-45802 squid: Denial of Service processing ESI response content

CVEs

CVE-2024-45802

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm	SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+22482+3b9510d6.10.src.rpm	SHA-256: 3f36d20508aca7f71b910d7b28cdf9ff3760882d3f79c68bf1a6a9207ca7ced8
x86_64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530
squid-4.4-8.module+el8.2.0+22482+3b9510d6.10.x86_64.rpm	SHA-256: 99174f52f8de63b9d0779a7c1b797dc5d0f7633b2f9c1bd0e13f40e5fcf7b35e
squid-debuginfo-4.4-8.module+el8.2.0+22482+3b9510d6.10.x86_64.rpm	SHA-256: a822501dfea31a1cf1eda387ae6092f2c1c7a15f27cbaf4acb8c6816530292cf
squid-debugsource-4.4-8.module+el8.2.0+22482+3b9510d6.10.x86_64.rpm	SHA-256: 043690da4e508c81a3af51570a7e0451f16b08db0f8853fde28594bb96ec87c9

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation