Synopsis: Important: squid security update Advisory ID: SLSA-2020:4082-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-24606 CVE-2019-12528 CVE-2020-8450 CVE-2020-15049 CVE-2020-8449 CVE-2020-15810 CVE-2020-15811 -- Security Fix(es): * squid: HTTP Request Smuggling could result in cache poisoning (CVE-2020-15810) * squid: HTTP Request Splitting could result in cache poisoning (CVE-2020-15811) * squid: Information Disclosure issue in FTP Gateway (CVE-2019-12528) * squid: Improper input validation issues in HTTP Request processing (CVE-2020-8449) * squid: Buffer overflow in reverse-proxy configurations (CVE-2020-8450) * squid: Request smuggling and poisoning attack against the HTTP cache (CVE-2020-15049) * squid: Improper input validation could result in a DoS (CVE-2020-24606) -- SL7 x86_64 squid-migration-script-3.5.20-17.el7_9.4.x86_64.rpm squid-3.5.20-17.el7_9.4.x86_64.rpm squid-debuginfo-3.5.20-17.el7_9.4.x86_64.rpm squid-sysvinit-3.5.20-17.el7_9.4.x86_64.rpm - Scientific Linux Development Team