(RHSA-2023:6748) Critical: squid security update

2023-11-0710:08:53

access.redhat.com

squid proxy server

critical update

denial of service

http

ftp

icap

security fix

cvss score

references

unix

6.9 Medium

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

91.0%

JSON

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847)
squid: Request/Response smuggling in HTTP/1.1 and ICAP (CVE-2023-46846)
squid: denial of Service in FTP (CVE-2023-46848)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9s390xsquid-debugsource< 5.5-6.el9_3.1squid-debugsource-5.5-6.el9_3.1.s390x.rpm
RedHat9aarch64squid-debuginfo< 5.5-6.el9_3.1squid-debuginfo-5.5-6.el9_3.1.aarch64.rpm
RedHat9x86_64squid-debuginfo< 5.5-6.el9_3.1squid-debuginfo-5.5-6.el9_3.1.x86_64.rpm
RedHat9ppc64lesquid< 5.5-6.el9_3.1squid-5.5-6.el9_3.1.ppc64le.rpm
RedHat9x86_64squid-debugsource< 5.5-6.el9_3.1squid-debugsource-5.5-6.el9_3.1.x86_64.rpm
RedHat9s390xsquid-debuginfo< 5.5-6.el9_3.1squid-debuginfo-5.5-6.el9_3.1.s390x.rpm
RedHat9x86_64squid< 5.5-6.el9_3.1squid-5.5-6.el9_3.1.x86_64.rpm
RedHat9s390xsquid< 5.5-6.el9_3.1squid-5.5-6.el9_3.1.s390x.rpm
RedHat9aarch64squid< 5.5-6.el9_3.1squid-5.5-6.el9_3.1.aarch64.rpm
RedHat9ppc64lesquid-debuginfo< 5.5-6.el9_3.1squid-debuginfo-5.5-6.el9_3.1.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	s390x	squid-debugsource	< 5.5-6.el9_3.1	squid-debugsource-5.5-6.el9_3.1.s390x.rpm
RedHat	9	aarch64	squid-debuginfo	< 5.5-6.el9_3.1	squid-debuginfo-5.5-6.el9_3.1.aarch64.rpm
RedHat	9	x86_64	squid-debuginfo	< 5.5-6.el9_3.1	squid-debuginfo-5.5-6.el9_3.1.x86_64.rpm
RedHat	9	ppc64le	squid	< 5.5-6.el9_3.1	squid-5.5-6.el9_3.1.ppc64le.rpm
RedHat	9	x86_64	squid-debugsource	< 5.5-6.el9_3.1	squid-debugsource-5.5-6.el9_3.1.x86_64.rpm
RedHat	9	s390x	squid-debuginfo	< 5.5-6.el9_3.1	squid-debuginfo-5.5-6.el9_3.1.s390x.rpm
RedHat	9	x86_64	squid	< 5.5-6.el9_3.1	squid-5.5-6.el9_3.1.x86_64.rpm
RedHat	9	s390x	squid	< 5.5-6.el9_3.1	squid-5.5-6.el9_3.1.s390x.rpm
RedHat	9	aarch64	squid	< 5.5-6.el9_3.1	squid-5.5-6.el9_3.1.aarch64.rpm
RedHat	9	ppc64le	squid-debuginfo	< 5.5-6.el9_3.1	squid-debuginfo-5.5-6.el9_3.1.ppc64le.rpm