[squid-users] [squid-announce] [ADVISORY] SQUID-2019:4 Multiple Issues in HTTP Request processing
Amos Jeffries
squid3 at treenet.co.nz
Sun Apr 19 03:32:28 UTC 2020
On 19/04/20 6:52 am, Marcus Kool wrote:
> Amos,
> The latest version of Squid is 4.10. Do you mean "fixed in 4.10"
> instead of "fixed in 4.8" ?
>
No, these CVE were fixed in 4.8. The advisory was embargoed for another
issue, which is has taken too long and now going to be fixed in a later
release.
Amos
> Thanks,
> Marcus
>
> On 18/04/2020 14:10, Amos Jeffries wrote:
>> __________________________________________________________________
>>
>> Squid Proxy Cache Security Update Advisory SQUID-2019:4
>> __________________________________________________________________
>>
>> Advisory ID: SQUID-2019:4
>> Date: April 18, 2020
>> Summary: Multiple Issues
>> in HTTP Request processing.
>> Affected versions: Squid 3.5.18 -> 3.5.28
>> Squid 4.0.10 -> 4.7
>> Fixed in version: Squid 4.8
>> __________________________________________________________________
>>
>> http://www.squid-cache.org/Advisories/SQUID-2019_4.txt
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12520
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12524
>> __________________________________________________________________
>>
More information about the squid-users
mailing list