[squid-dev] Squid does not accept WCCP of Cisco router since CVE 2021-28116

Amos Jeffries squid3 at treenet.co.nz
Tue Dec 7 01:37:09 UTC 2021


On 6/12/21 12:11, Andrej Mikus wrote:
> Hi,
> 
> I would like to find some information about wccp servers (routers,
> firewalls, etc) that are officially supported and therefore tested for
> compatibility. I thought there would be this kind of page published in
> squid wiki but failed to locate one.
> 
> Since the recent update squid does not accept wccp packets sent by Cisco
> IOS 15.8(3)M2 claiming there is duplicate security definition.
> 
> Is there any way to get in touch with the developper responsible for the
> security patch and request his comments? I do not have access to other
> Cisco hardware, and I would like to know if the update was confirmed
> working for example against a CSR1000v.
> 
> I have first reported the issue to Ubuntu since I am running 18.04, but
> today confirmed that recent versions of squid fail as well. Prior
> creating a new entry at https://bugs.squid-cache.org/ I would appreciate
> your guidance.
> 
> Regards
> Andrej Mikus
> 

Hi Andrej,

  Alex has summarized the state of things pretty accurately. Since CVE 
is already public please feel free to open a bug report on our Bugzilla. 
That will help with getting the fix backported to official releases.

If you are able to do the testing I am happy to try and fix it for you.

Amos


More information about the squid-dev mailing list