DSA-5637-1 squid – security update

Debian Security Advisory

Several security vulnerabilities have been discovered in Squid, a full-featured
web proxy cache. Due to programming errors in Squid’s HTTP request parsing,
remote attackers may be able to execute a denial of service attack by sending
a large X-Forwarded-For header, or trigger a stack buffer overflow while
performing HTTP Digest authentication. Other issues facilitate request
smuggling past a firewall or a denial of service against Squid’s Helper process.

In regard to CVE-2023-46728: Please note that support for the Gopher protocol
has simply been removed in future Squid versions. There are no plans by the
upstream developers of Squid to fix this issue.


