ALSA-2023:6266

[ALSA-2023:6266] Critical: squid security update

Type:

security

Severity:

critical

Release date:

2023-11-03

Description:

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

* SQUID-2023:3 squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847)
* SQUID-2023:1 squid: Request/Response smuggling in HTTP/1.1 and ICAP (CVE-2023-46846)
* SQUID-2023:5 squid: denial of Service in FTP (CVE-2023-46848)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	squid-5.5-5.el9_2.1.aarch64.rpm	c0139398335b7cf5e275ce1e8d22be43c57d9b3ea3989eb1808049f97cedc485
ppc64le	squid-5.5-5.el9_2.1.ppc64le.rpm	8280e79e35f19eb5730d7961a0b184271003acbab0fb4adfc9c94ec0de9aff68
s390x	squid-5.5-5.el9_2.1.s390x.rpm	0d9db22e60fe1803f47c4ef0db87067620732f9eb02fdf7bc1cd73da67c4143c
x86_64	squid-5.5-5.el9_2.1.x86_64.rpm	3e8a06d31e0c5cf15e42d466c954f3ff15433ecefda07ade4ac50cdbf8803d61

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.