[squid-users] [squid-announce] Squid 5.0.3 beta is available

mikio.kishi at gmail.com mikio.kishi at gmail.com
Sat Jun 20 06:14:04 UTC 2020


Hi, Amos

Do you have any plans to release the official stable version for squid5 ?
I'm strongly interested in squid5 features. So, if you have any schedules,
please let me know.

Regards,
--
Mikio Kishi

On Fri, Jun 19, 2020 at 9:41 PM Amos Jeffries <squid3 at treenet.co.nz> wrote:

> The Squid HTTP Proxy team is very pleased to announce the availability
> of the Squid-5.0.3 beta release!
>
>
> This release is a security and feature update release resolving
> several issues found in the prior Squid releases.
>
>
> The major changes to be aware of:
>
>  * SQUID-2020:5 Denial of Service when using SMP cache
>    (CVE-2020-14059)
>
> This problem may allow a remote client to trigger a Squid worker
> assertion.
>
> This attack is limited to SMP Squids using shared memory cache
> and/or an SMP rock disk cache.
>
>
> See the advisory for patches:
>  <http://www.squid-cache.org/Advisories/SQUID-2020_5.txt>
>
>
>  * SQUID-2020:6 Denial of Service issue in TLS handshake
>    (CVE-2020-14058)
>
> This problem allows a trusted client to perform Denial of Service
> when opening TLS connections with a server for HTTPS.
>
> This problem allows a trusted client to perform Denial of Service
> when opening TLS connections to a server for SSL-Bump intercepted
> transactions.
>
> This attack is limited to Squid built with OpenSSL features and
> opening peer or server connections for HTTPS traffic and SSL-Bump
> server handshakes.
>
> See the advisory for patches:
>  <http://www.squid-cache.org/Advisories/SQUID-2020_6.txt>
>
>
>  * Happy Eyeballs: Do not discard viable reforwarding destinations
>
> When Happ Eyeballs starts opening two connections, both destinations
> are removed from the destinations list. As soon as one connection
> (X) succeeded, the other destination (Y) was essentially forgotten. If
> Squid, after using X, decided to reforward the request, then the request
> was never reforwarded to Y. We now return Y to the list of possible
> destinations.
>
>
>
>   All users of Squid-5 are urged to upgrade as soon as possible.
>
>   All users of Squid-4 and older are encouraged to plan for upgrade.
>
>
> See the ChangeLog for the full list of changes in this and earlier
> releases.
>
> Please refer to the release notes at
> http://www.squid-cache.org/Versions/v5/RELEASENOTES.html
> when you are ready to make the switch to Squid-5
>
> This new release can be downloaded from our HTTP or FTP servers
>
>   http://www.squid-cache.org/Versions/v5/
>   ftp://ftp.squid-cache.org/pub/squid/
>   ftp://ftp.squid-cache.org/pub/archive/5/
>
> or the mirrors. For a list of mirror sites see
>
>   http://www.squid-cache.org/Download/http-mirrors.html
>   http://www.squid-cache.org/Download/mirrors.html
>
> If you encounter any issues with this release please file a bug report.
>   http://bugs.squid-cache.org/
>
>
> Amos Jeffries
> _______________________________________________
> squid-announce mailing list
> squid-announce at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-announce
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20200620/f6bc875d/attachment.html>


More information about the squid-users mailing list