USN-6500-1: Squid vulnerabilities

Read Time:1 Minute, 0 Second

Joshua Rogers discovered that Squid incorrectly handled validating certain
SSL certificates. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-46724)

Joshua Rogers discovered that Squid incorrectly handled the Gopher
protocol. A remote attacker could possibly use this issue to cause Squid to
crash, resulting in a denial of service. Gopher support has been disabled
in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04
LTS, and Ubuntu 23.04. (CVE-2023-46728)

Keran Mu and Jianjun Chen discovered that Squid incorrectly handled the
chunked decoder. A remote attacker could possibly use this issue to perform
HTTP request smuggling attacks. (CVE-2023-46846)

Joshua Rogers discovered that Squid incorrectly handled HTTP Digest
Authentication. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-46847)

Joshua Rogers discovered that Squid incorrectly handled certain FTP urls.
A remote attacker could possibly use this issue to cause Squid to crash,
resulting in a denial of service. (CVE-2023-46848)

White House to Tackle AI-Generated Sexual Abuse Images

Legacy Ivanti Cloud Service Appliance Being Exploited

Half of UK Firms Lack Basic Cybersecurity Skills

Advanced Phishing Attacks Put X Accounts at Risk

Apple to Drop Spyware Lawsuit Over Security Concerns

Tackling the Unique Cybersecurity Challenges of Online Learning Platforms

Meta Goes Ahead With Controversial AI Training in UK

23andMe Agrees to $30m Data Breach Settlement

UK Hosts International Cyber Skills Conference

USN-6500-1: Squid vulnerabilities

USN-7015-1: Python vulnerabilities

USN-7014-1: nginx vulnerability

USN-7013-1: Dovecot vulnerabilities

USN-7012-1: curl vulnerability

USN-7011-1: ClamAV vulnerabilities

USN-6560-3: OpenSSH vulnerability