[squid-users] XSS issue only affects bump doesn't it?

Jason Haar jason_haar at trimble.com
Sun Oct 28 20:20:24 UTC 2018


Hi there

I'm running a vulnerable version of squid (ie "--with-openssl" and
"--enable-ssl") but due to issues with bumping not working well, don't
actually do it (ie sslcrtd_program and ssl_bump not defined/etc).

So does that mean we can't actually be affected by this vulnerability?

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20181029/24f56a4b/attachment.html>


More information about the squid-users mailing list