Ubuntu Security Notice USN-6857-1

==========================================================================
Ubuntu Security Notice USN-6857-1
June 27, 2024

squid3 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Squid.

Software Description:
– squid3: Web proxy cache server

Details:

Joshua Rogers discovered that Squid incorrectly handled requests with the
urn: scheme. A remote attacker could possibly use this issue to cause
Squid to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS. (CVE-2021-28651)

It was discovered that Squid incorrectly handled SSPI and SMB
authentication. A remote attacker could use this issue to cause Squid to
crash, resulting in a denial of service, or possibly obtain sensitive
information. This issue only affected Ubuntu 16.04 LTS. (CVE-2022-41318)

Joshua Rogers discovered that Squid incorrectly handled HTTP message
processing. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-49285)

Joshua Rogers discovered that Squid incorrectly handled Helper process
management. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-49286)

Joshua Rogers discovered that Squid incorrectly handled HTTP request
parsing. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service.
(CVE-2023-50269, CVE-2024-25617)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
squid 3.5.27-1ubuntu1.14+esm2
Available with Ubuntu Pro
squid3 3.5.27-1ubuntu1.14+esm2
Available with Ubuntu Pro

Ubuntu 16.04 LTS
squid 3.5.12-1ubuntu7.16+esm3
Available with Ubuntu Pro
squid3 3.5.12-1ubuntu7.16+esm3
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6857-1
CVE-2021-28651, CVE-2022-41318, CVE-2023-49285, CVE-2023-49286,
CVE-2023-50269, CVE-2024-25617

Ubuntu Security Notice USN-6857-1

افزایش قیمت دامنه های ir از ۳۱ خرداد

آفر سرور اختصاصی از آمریکا

سال نو مبارک – تخفیف های نوروزی

کنترل پنل مدیریت سرور های مجازی

سرور کشور ایسلند

تخفیف Black Friday

تخفیف سرور مجازی آلمان

تخفیف های استثنایی کریسمس 2024 سرور اختصاصی

تخفیف سرور آلمان

سرویس جدید سرور مجازی ترکیه

Ubuntu Security Notice USN-6857-1

قوانین جدید ثبت دامنه

پرداخت هزینه سرویس ها

افزایش قیمت ثبت دامنه

مشکلات شبکه و هارد بر روی نود 3

افزایش قیمت جهانی دامنه

نوشته های مشابه

Ubuntu Security Notice USN-5616-3

Debian Security Advisory 5723-1

Red Hat Security Advisory 2024-0041-03

Red Hat Security Advisory 2024-0043-03

Ubuntu Security Notice USN-6857-1

قوانین جدید ثبت دامنه

پرداخت هزینه سرویس ها

افزایش قیمت ثبت دامنه

مشکلات شبکه و هارد بر روی نود 3

افزایش قیمت جهانی دامنه