[squid-users] [squid-announce] OpenSSL Advisory 2015-03-19

Amos Jeffries squid3 at treenet.co.nz
Fri Mar 20 07:27:45 UTC 2015


As you may be aware a number of security vulnerabilities have just been
announced regarding OpenSSL.
 <https://openssl.org/news/secadv_20150319.txt>

Several of these potentially impact Squid with Denial of Service and
connection failure side effects when using HTTPS or the SSL-Bump feature
set.

All users of Squid HTTPS and SSL features are advised to restart Squid
after upgrading their OpenSSL library to a fixed version.


There will be no direct Squid advisory regarding this since the
vulnerability is in OpenSSL itself, not Squid.


Amos Jeffries
Squid Software Foundation
_______________________________________________
squid-announce mailing list
squid-announce at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-announce


More information about the squid-users mailing list