Synopsis: Important: squid security update Advisory ID: SLSA-2020:2040-1 Issue Date: 2020-05-06 CVE Numbers: None -- Security Fix(es): * squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow (CVE-2019-12519) * squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution (CVE-2020-11945) * squid: parsing of header Proxy-Authentication leads to memory corruption (CVE-2019-12525) -- SL7 x86_64 squid-3.5.20-15.el7_8.1.x86_64.rpm squid-debuginfo-3.5.20-15.el7_8.1.x86_64.rpm squid-migration-script-3.5.20-15.el7_8.1.x86_64.rpm squid-sysvinit-3.5.20-15.el7_8.1.x86_64.rpm - Scientific Linux Development Team