[CLSA-2024:1710436449] Fix CVE(s): CVE-2024-25617

Type:

security

Severity:

Important

Release date:

2024-03-14 17:14:12 UTC

Description:

   * SECURITY UPDATE: Denial of Service attack against HTTP header parsing
     - debian/patches/CVE-2024-25617.patch: Improve handling of expanding
       HTTP header values
     - CVE-2024-25617

Updated packages:

squid_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb
sha:0589997141da6068429a95d6f8349f86e2791e83
squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb
sha:5fe055822067375e6bd774be64d962b732783f77
squid-common_3.5.12-1ubuntu7.17+tuxcare.els7_all.deb
sha:f5039fa0119094c9f9876d31459b8b8f30f40101
squid-purge_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb
sha:fe753f18afb73ecceca1ccfffbd80abcba22edf0
squid3_3.5.12-1ubuntu7.17+tuxcare.els7_all.deb
sha:3c9db077ab41630da3a564c187c48ae1bf5542a2
squidclient_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb
sha:9845536bd14ec98b298a67b0e962ea33dab36784

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.