Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.
a79ef3e7a5505aef83c8e1d9026a34f64acecaa9ccd3e41b225ac5500d8a96e7
Ubuntu Security Notice 6500-2 - USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update.
68a0cfeb1732f51717395adcb7e4d77d2b664517f161aa855e01969edfb3dce4
Red Hat Security Advisory 2023-7578-01 - An update for squid is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Issues addressed include a denial of service vulnerability.
426fedc2e8057f12eeab5ec67d8b28905349550a2c8bcf41381bab079760e9d1
Red Hat Security Advisory 2023-7576-01 - An update for squid is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a denial of service vulnerability.
40e3f7598a52565ce60d9587feb97473ffd6501d2339e6defda641b1aa242860
Ubuntu Security Notice 6500-1 - Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.
89e080ec0dca666e58acac5a17ad942076e2d2723e487a8ff043ca16623f5d78
Red Hat Security Advisory 2023-6884-01 - An update for squid is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include a denial of service vulnerability.
a516bf29a516d947b0059a51878e39142872f64af09cda6921560d42ed5aec3c
Red Hat Security Advisory 2023-6882-01 - An update for squid34 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include a denial of service vulnerability.
614bc9d435f29371a5a79868583143372aca2f4ab0ac51f19902dadb435fb459
Red Hat Security Advisory 2023-6805-01 - An update for squid is now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.
bf2f73db40a425d12339e94ce466547d4b239b1cad64452d5193087dd2cfc138