ALSA-2024:1376

[ALSA-2024:1376] Important: squid security update

Type:

security

Severity:

important

Release date:

2024-04-12

Description:

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

* squid: denial of service in HTTP header parser (CVE-2024-25617)
* squid: Denial of Service in HTTP Chunked Decoding (CVE-2024-25111)
* squid: denial of service in HTTP request parsing (CVE-2023-50269)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	squid-5.5-6.el9_3.8.aarch64.rpm	6bbb0e902df814ad7ecfbb04198cc3d0536864cc023dcf56a6f736cd8aab842f
ppc64le	squid-5.5-6.el9_3.8.ppc64le.rpm	693af38967c53811e274214192b3a8373fb7d07cea09295f0942ed7aaee9de4f
s390x	squid-5.5-6.el9_3.8.s390x.rpm	153af32642245b125b74985f10dbc4db291e856777fc3414e1f5f25a9e8cbf62
x86_64	squid-5.5-6.el9_3.8.x86_64.rpm	55e510981a7a706152a6bf349da44df30d0ca6c92835021675e7e83886b2d23d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.