Name: | squid |
---|---|
Epoch: | 7 |
Version: | 4.15 |
Release: | 3.0.1.el7.1 |
Architecture: | aarch64 |
Group: | Unspecified |
Size: | 12942321 |
License: | GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain) |
RPM: | squid-4.15-3.0.1.el7.1.aarch64.rpm |
Source RPM: | squid-4.15-3.0.1.el7.1.src.rpm |
Build Date: | Mon Jan 16 2023 |
Build Host: | build-ol7-aarch64.oracle.com |
Vendor: | Oracle America |
URL: | http://www.squid-cache.org |
Summary: | The Squid proxy caching server |
Description: | Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. |
- Obsolete squid-sysvinit [Jira: OLDIS-20090]
- Resolves: #2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher server responses
- Resolves: #1941506 - CVE-2021-28116 squid:4/squid: out-of-bounds read in WCCP protocol data may lead to information disclosure
- Resolves: #2006121 - SQUID shortens FTP Link wrong that contains a semi-colon and as a result is not able to download zip file.CODE 404 TO CLIENT)
- new version 4.15 - Resolves: #1964384 - squid:4 rebase to 4.15
- Resolves: #1944261 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling
- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in cachemgr.cgi
- Resolves: #1871705 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: #1871702 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache poisoning - Resolves: #1871700 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning
- Resolves: #1853130 - CVE-2020-15049 squid:4/squid: request smuggling and poisoning attack against the HTTP cache - Resolves: #1853136 - CVE-2020-14058 squid:4/squid: DoS in TLS handshake
- new version 4.11 - libsystemd integration - Resolves: #1829467 - squid:4 rebase - Resolves: #1828378 - CVE-2019-12521 squid:4/squid: off-by-one error in addStackElement allows for a heap buffer overflow and a crash - Resolves: #1828377 - CVE-2019-12520 squid:4/squid: improper input validation in request allows for proxy manipulation - Resolves: #1828375 - CVE-2019-12524 squid:4/squid: improper access restriction in url_regex may lead to security bypass - Resolves: #1820664 - CVE-2019-18860 squid: mishandles HTML in the host parameter to cachemgr.cgi which could result in squid behaving in unsecure way - Resolves: #1802514 - CVE-2020-8449 squid:4/squid: Improper input validation issues in HTTP Request processing - Resolves: #1802513 - CVE-2020-8450 squid:4/squid: Buffer overflow in a Squid acting as reverse-proxy - Resolves: #1802512 - CVE-2019-12528 squid:4/squid: Information Disclosure issue in FTP Gateway - Resolves: #1771288 - CVE-2019-18678 squid:4/squid: HTTP Request Splitting issue in HTTP message processing - Resolves: #1771283 - CVE-2019-18679 squid:4/squid: Information Disclosure issue in HTTP Digest Authentication - Resolves: #1771280 - CVE-2019-18677 squid:4/squid: Cross-Site Request Forgery issue in HTTP Request processing - Resolves: #1771275 - CVE-2019-12523 squid:4/squid: Improper input validation in URI processor - Resolves: #1771272 - CVE-2019-18676 squid:4/squid: Buffer overflow in URI processor - Resolves: #1771264 - CVE-2019-12526 squid:4/squid: Heap overflow issue in URN processing - Resolves: #1738581 - CVE-2019-12529 squid: OOB read in Proxy-Authorization header causes DoS