[El-errata] ELSA-2016-2600 Moderate: Oracle Linux 7 squid security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 10 11:12:06 PST 2016 

Oracle Linux Security Advisory ELSA-2016-2600

http://linux.oracle.com/errata/ELSA-2016-2600.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
squid-3.5.20-2.el7.x86_64.rpm
squid-migration-script-3.5.20-2.el7.x86_64.rpm
squid-sysvinit-3.5.20-2.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/squid-3.5.20-2.el7.src.rpm



Description of changes:

[7:3.5.20-2]
- Resolves: #1378025 - host_verify_strict only accepts lowercase arguments

[7:3.5.20-1]
- Resolves: #1273942 - Rebase squid to latest mature 3.5 version (3.5.20)

[7:3.5.10-9]
- Related: #1349775 - Provide migration tools needed due to rebase
   to squid 3.5 as a separate sub-package

[7:3.5.10-8]
- Related: #1349775 - Provide migration tools needed due to rebase
   to squid 3.5 as a separate sub-package

[7:3.5.10-7]
- Related: #1349775 - Provide migration tools needed due to rebase
   to squid 3.5 as a separate sub-package

[7:3.5.10-6]
- Related: #1349775 - Provide migration tools needed due to rebase
   to squid 3.5 as a separate sub-package

[7:3.5.10-5]
- Related: #1349775 - Provide migration tools needed due to rebase
   to squid 3.5 as a separate sub-package

[7:3.5.10-4]
- Resolves: #1349775 - Provide migration tools needed due to rebase
   to squid 3.5 as a separate sub-package

[7:3.5.10-3]
- Resolves: #1330186 - digest doesn't properly work with squid 3.3 on 
CentOS 7

[7:3.5.10-2]
- Resolves: #1336387 - Squid send wrong respond for GET-request following
   Range-GET request

[7:3.5.10-1]
- Resolves: #1273942 - Rebase squid to latest mature 3.5 version (3.5.10)
- Resolves: #1322770 - CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 
CVE-2016-2572
   CVE-2016-3948 squid: various flaws
- Resolves: #1254016 - IPv4 fallback is not working when connecting
   to a dualstack host with non-functional IPv6
- Resolves: #1254018 - should BuildRequire: g++
- Resolves: #1262456 - Squid delays on FQDNs that don't contains AAAA record
- Resolves: #1336940 - Disable squid systemd unit start/stop timeouts
- Resolves: #1344197 - /usr/lib/firewalld/services/squid.xml conflicts 
between
   attempted installs of squid-7:3.3.8-31.el7.x86_64 and
   firewalld-0.4.2-1.el7.noarch
- Resolves: #1299972 - squid file descriptor limit hardcoded to 16384 via
   compile option in spec file

[7:3.3.8-31]
- Resolves: #1283078 - max_filedescriptors in squid.conf is ignored

[7:3.3.8-30]
- Related: #1334509 - CVE-2016-4553 squid: Cache poisoning issue in
   HTTP Request handling
- Related: #1334492 - CVE-2016-4554 CVE-2016-4555 CVE-2016-4556
   squid: various flaws

[7:3.3.8-29]
- Related: #1330577 - CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: 
multiple
   issues in ESI processing

[7:3.3.8-28]
- Related: #1330577 - CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: 
multiple
   issues in ESI processing

[7:3.3.8-27]
- Resolves: #1330577 - CVE-2016-4051 squid: buffer overflow in cachemgr.cgi

More information about the El-errata mailing list