ClickCease OracleLinux 6 ELS: squid34 package released - TuxCare

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

OracleLinux 6 ELS: squid34 package released

August 26, 2021 - TuxCare PR Team

A new updated squid34 package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production repository.



  • Fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack (CVE-2020-15049)
  • Fix handling of unknown SSL errors which resulted in denial of service (CVE-2020-14058)
  • Fix improper input validation allowing HTTP smuggling from trusted client (CVE-2020-25097)
  • Fix nonce reference counter overflow allowing replay attack (CVE-2020-11945)
  • Fix handle of EOF in peerDigestHandleReply() leading to Denial of service (CVE-2020-24606)
  • Fix incorrect input validation allowing writing outside of buffer and leading to denial of service (CVE-2020-8517)
  • Fix improper HTTP request validation allowing access to resources which are prohibited by security filters (CVE-2020-8449)
  • Fix incorrect buffer managment leading to buffer overflow (CVE-2020-8450)
  • Fix memory leak leading to denial of service (CVE-2021-28651)


yum update squid34*

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

Strategies for Managing End-of-Life Operating...

End-of-life software is just a fact of our fast-paced technology...

January 30, 2023

Think You Can’t Afford Consistent...

Look, everyone knows that it’s a tough act. Thousands of...

January 17, 2023

Common Government Cybersecurity Standards –...

The public sector, including state and federal agencies, are at...

January 16, 2023

Which Linux Distro is Best...

If your organization deploys IoT solutions, you know that development...

December 1, 2022

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022