ALSA-2026:6301

[ALSA-2026:6301] Important: squid security update

Type:

security

Severity:

important

Release date:

2026-04-01

Description:

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects.  

Security Fix(es):  

  * squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling (CVE-2026-33526)
  * Squid: Squid: Denial of Service via crafted ICP traffic (CVE-2026-32748)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	squid-5.5-22.el9_7.4.aarch64.rpm	d207df7c7d44ff787cb1dacdba78cca57b9c4d919433cff8fd4ccc52469f59d2
ppc64le	squid-5.5-22.el9_7.4.ppc64le.rpm	f59facae54fbee2071486cc2cfc3c8159e54745aa3bb7fe0e47318cb96e1d990
s390x	squid-5.5-22.el9_7.4.s390x.rpm	efec082a45a40d289c0a256213ccf14a7b7e050bd73fe546c1de662e51286b0d
x86_64	squid-5.5-22.el9_7.4.x86_64.rpm	7b1f5130faf1e6c7261204fc731f528f009c64995c398b64382bf5176f03c17f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.