[squid-announce] OpenSSL Advisory 2015-03-19
Amos Jeffries
squid3 at treenet.co.nz
Fri Mar 20 07:27:45 UTC 2015
As you may be aware a number of security vulnerabilities have just been
announced regarding OpenSSL.
<https://openssl.org/news/secadv_20150319.txt>
Several of these potentially impact Squid with Denial of Service and
connection failure side effects when using HTTPS or the SSL-Bump feature
set.
All users of Squid HTTPS and SSL features are advised to restart Squid
after upgrading their OpenSSL library to a fixed version.
There will be no direct Squid advisory regarding this since the
vulnerability is in OpenSSL itself, not Squid.
Amos Jeffries
Squid Software Foundation
More information about the squid-announce
mailing list