Critical: squid:4 security update

2023-11-0200:00:00

errata.almalinux.org

squid proxy server

security update

denial of service

http digest authentication

request/response smuggling

cvss score

unix

7.4 High

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

90.9%

JSON

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

SQUID-2023:3 squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847)
SQUID-2023:1 squid: Request/Response smuggling in HTTP/1.1 and ICAP (CVE-2023-46846)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
almalinux8x86_64libecap< 1.0.1-2.module_el8.6.0+2741+01592ae8libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.x86_64.rpm
almalinux8x86_64libecap-devel< 1.0.1-2.module_el8.6.0+2741+01592ae8libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.x86_64.rpm
almalinux8x86_64squid< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.x86_64.rpm
almalinux8aarch64libecap-devel< 1.0.1-2.module_el8.6.0+2741+01592ae8libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.aarch64.rpm
almalinux8aarch64squid< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.aarch64.rpm
almalinux8aarch64libecap< 1.0.1-2.module_el8.6.0+2741+01592ae8libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.aarch64.rpm
almalinux8ppc64lesquid< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.ppc64le.rpm
almalinux8ppc64lelibecap< 1.0.1-2.module_el8.6.0+2741+01592ae8libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.ppc64le.rpm
almalinux8ppc64lelibecap-devel< 1.0.1-2.module_el8.6.0+2741+01592ae8libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.ppc64le.rpm
almalinux8s390xsquid< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	8	x86_64	libecap	< 1.0.1-2.module_el8.6.0+2741+01592ae8	libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.x86_64.rpm
almalinux	8	x86_64	libecap-devel	< 1.0.1-2.module_el8.6.0+2741+01592ae8	libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.x86_64.rpm
almalinux	8	x86_64	squid	< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1	squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.x86_64.rpm
almalinux	8	aarch64	libecap-devel	< 1.0.1-2.module_el8.6.0+2741+01592ae8	libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.aarch64.rpm
almalinux	8	aarch64	squid	< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1	squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.aarch64.rpm
almalinux	8	aarch64	libecap	< 1.0.1-2.module_el8.6.0+2741+01592ae8	libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.aarch64.rpm
almalinux	8	ppc64le	squid	< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1	squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.ppc64le.rpm
almalinux	8	ppc64le	libecap	< 1.0.1-2.module_el8.6.0+2741+01592ae8	libecap-1.0.1-2.module_el8.6.0+2741+01592ae8.ppc64le.rpm
almalinux	8	ppc64le	libecap-devel	< 1.0.1-2.module_el8.6.0+2741+01592ae8	libecap-devel-1.0.1-2.module_el8.6.0+2741+01592ae8.ppc64le.rpm
almalinux	8	s390x	squid	< 4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1	squid-4.15-6.module_el8.8.0+3670+56cb3c8e.1.alma.1.s390x.rpm