Lucene search

K
osvGoogleOSV:DSA-3327-1
HistoryAug 03, 2015 - 12:00 a.m.

squid3 - security update

2015-08-0300:00:00
Google
osv.dev
9

0.009 Low

EPSS

Percentile

83.1%

Alex Rousskov of The Measurement Factory discovered that Squid3, a fully
featured web proxy cache, does not correctly handle CONNECT method peer
responses when configured with cache_peer and operating on explicit
proxy traffic. This could allow remote clients to gain unrestricted
access through a gateway proxy to its backend proxy.

For the oldstable distribution (wheezy), this problem has been fixed
in version 3.1.20-2.2+deb7u3.

For the stable distribution (jessie), this problem has been fixed in
version 3.4.8-6+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 3.5.6-1.

We recommend that you upgrade your squid3 packages.

CPENameOperatorVersion
squid3eq3.4.8-6