squid is vulnerable to denial of service (DoS). The vulnerability exists through an incorrect pointer handling issue in HTTP processing and certificate download.
www.squid-cache.org/Advisories/SQUID-2018_2.txt
www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch
www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1068
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1680022
bugzilla.redhat.com/show_bug.cgi?id=1717430
github.com/squid-cache/squid/pull/129/files
lists.debian.org/debian-lts-announce/2018/02/msg00001.html
lists.debian.org/debian-lts-announce/2018/02/msg00002.html
usn.ubuntu.com/3557-1/
usn.ubuntu.com/4059-2/
www.debian.org/security/2018/dsa-4122