Project

General

Profile

Several security bugs in squid: CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054

Problem Description

Several vulnerabilities found in squid might allow remote attackers to cause a denial of service or execute arbitrary code

CVE-2016-4051
CVE-2016-4052
CVE-2016-4053
CVE-2016-4054

Fix

Packages for version squid 3.5 fix those vulnerabilities. At the time of writing no package for version 3.1 is available. Upgrading viapps to latest 1.3.x version is recommended which also includes updated squid.

Solution:
upgrade viapps to latest 1.3.0-x version.
upgrade squid-3.5.17-1.el6.x86_64.rpm

Signatures

MD5 1a821b3e9e07a1e7dc99a25a2c0fdab5  squid-3.5.17-1.el6.x86_64.rpm
SHA1 aabc69b4e47be6673895b35006ce2d86837ba00a  squid-3.5.17-1.el6.x86_64.rpm

h2. How to apply:

  1. Copy downloaded rpms to cmi:/var/www/repo/x86_64
  2. Update CMI repo
    [root@cmi ~] createrepo --update /var/www/repo/x86_64
    
  3. Update DNS/DHCP/NTP node. Either
    1. From CMI front end -> Appliances -> Setup -> Minor packages Upgrade
  1. Or manually:
    [root@px ~] yum clean all # (clear yum cache)
    [root@px ~] yum -y update squid
    [...]
    
    Complete!
    
    [root@px ~]# rpm -q squid
    squid-3.5.17-1.el6.x86_644