squid: Multiple vulnerabilities (CVE-2020-8449, CVE-2020-8450, CVE-2020-8517, CVE-2019-12528)
CVE-2020-8449: Improper input validation issues in HTTP Request processing
- Affected versions: Squid 2.x -> 2.7.STABLE9, Squid 3.x -> 3.5.28, Squid 4.x -> 4.9.
- Fixed in version: Squid 4.10
Reference:
http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
CVE-2020-8450: Buffer overflow in a Squid acting as reverse-proxy
- Affected versions: Squid 2.x -> 2.7.STABLE9, Squid 3.x -> 3.5.28, Squid 4.x -> 4.9.
- Fixed in version: Squid 4.10
Reference:
http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
CVE-2020-8517: Buffer Overflow issue in ext_lm_group_acl helper.
- Affected versions: Squid 2.x -> 2.7.STABLE9, Squid 3.x -> 3.5.28, Squid 4.x -> 4.9.
- Fixed in version: Squid 4.10
Reference:
http://www.squid-cache.org/Advisories/SQUID-2020_3.txt
CVE-2019-12528: Information Disclosure issue in FTP Gateway
- Affected versions: Squid 2.x -> 2.7.STABLE9, Squid 3.x -> 3.5.28, Squid 4.x -> 4.9.
- Fixed in version: Squid 4.10
Reference:
http://www.squid-cache.org/Advisories/SQUID-2020_2.txt