{"id":"ALSA-2024:0046","summary":"Important: squid:4 security update","details":"Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)\n* squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)\n* squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)\n* squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-01-30T01:53:48.433377Z","published":"2024-01-03T00:00:00Z","related":["CVE-2023-46724","CVE-2023-46728","CVE-2023-49285","CVE-2023-49286"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0046"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-46724"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-46728"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-49285"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-49286"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2247567"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2248521"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2252923"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2252926"},{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2024-0046.html"}],"affected":[{"package":{"name":"libecap","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libecap"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-2.module_el8.6.0+2741+01592ae8"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:0046.json"}},{"package":{"name":"libecap","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libecap"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-2.module_el8.6.0+3048+383bc947"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:0046.json"}},{"package":{"name":"libecap-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libecap-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-2.module_el8.6.0+2741+01592ae8"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:0046.json"}},{"package":{"name":"libecap-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libecap-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-2.module_el8.6.0+3048+383bc947"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:0046.json"}},{"package":{"name":"squid","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/squid"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-7.module_el8.9.0+3708+6acaac63.5"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:0046.json"}}],"schema_version":"1.7.3"}