Name: | squid |
---|---|
Epoch: | 7 |
Version: | 3.5.20 |
Release: | 17.el7_9.5 |
Architecture: | aarch64 |
Group: | System Environment/Daemons |
Size: | 12253323 |
License: | GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain) |
RPM: | squid-3.5.20-17.el7_9.5.aarch64.rpm |
Source RPM: | squid-3.5.20-17.el7_9.5.src.rpm |
Build Date: | Tue Nov 10 2020 |
Build Host: | ca-buildarm04.us.oracle.com |
Vendor: | Oracle America |
URL: | http://www.squid-cache.org |
Summary: | The Squid proxy caching server |
Description: | Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. |
- Resolves: #1890581 - Fix for CVE 2019-13345 breaks authentication in cachemgr.cgi
- Resolves: #1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: #1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: #1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache poisoning
- Resolves: #1802516 - CVE-2020-8449 squid: Improper input validation issues in HTTP Request processing - Resolves: #1802515 - CVE-2020-8450 squid: Buffer overflow in a Squid acting as reverse-proxy - Resolves: #1853129 - CVE-2020-15049 squid: request smuggling and poisoning attack against the HTTP cache - Resolves: #1802517 - CVE-2019-12528 squid: Information Disclosure issue in FTP Gateway
- Resolves: #1828361 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution - Resolves: #1828362 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow [rhel
- Resolves: #1738582 - CVE-2019-12525 squid: parsing of header Proxy-Authentication leads to memory corruption
- Resolves: #1690551 - Squid cache_peer DNS lookup failed when not all lower case - Resolves: #1680022 - squid can't display download/upload packet size for HTTPS sites - Resolves: #1717430 - Excessive memory usage when running out of descriptors - Resolves: #1676420 - Cache siblings return wrongly cached gateway timeouts - Resolves: #1729435 - CVE-2019-13345 squid: XSS via user_name or auth parameter in cachemgr.cgi - Resolves: #1582301 - CVE-2018-1000024 CVE-2018-1000027 squid: various flaws
- Resolves: #1620546 - migration of upstream squid
- Resolves: #1471140 - Missing detailed configuration file
- Resolves: #1452200 - Include kerberos_ldap_group helper in squid
- Resolves: #1445219 - [RFE] Add rock cache directive to squid