[squid-users] Vulnerabilities with squid 4.15

robert k Wild robertkwild at gmail.com
Fri Feb 11 10:04:37 UTC 2022


thanks Amos and Eliezer!

tbh i dont know if im using WCCP with my squid version, sorry, how do i
find that out?

i am using SSL Bump ie SSL interception and a few websites im doing No ssl
intercept with splice/peek/bump

hope that helps

On Fri, 11 Feb 2022 at 05:24, Eliezer Croitoru <ngtech1ltd at gmail.com> wrote:

> Hey Robert,
>
>
>
> Don’t rush with the move from CentOS 7 to Ubuntu yet, CentOS 7 has good
> support for at-least a year from now.
>
> I can try to help you by providing RPMs that has support for ecap which I
> understand you need.
>
> Alternatively I can try to build an upgrade process for your self compiled
> version.
>
>
>
> I can recommend on both:
>
>    - Amazon Linux 2
>    - Oracle Enterprise Linux 8\7
>    - Open Suse
>
>
>
> As a general alternative which I can support the RPM builds for.
>
> I have also built binaries for Ubuntu and Debian but in a non deb package
> file but will be signed by me.
>
>
>
> As Amos mentioned the current issue is with WCCP based setups.
>
> Can you please elaborate more if you are using WCCP in your setup?
>
> Also, Are you using SSL-BUMP by any chance? (I really don’t know about a
> setup that doesn’t require this these days)
>
>
>
> If you would be able to share more information on your setup so I might be
> able to clone such a setup it will help a lot.
>
>
>
> Thanks,
>
> Eliezer
>
>
>
> ----
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com
>
>
>
> *From:* robert k Wild <robertkwild at gmail.com>
> *Sent:* Thursday, February 10, 2022 21:28
> *To:* NgTech LTD <ngtech1ltd at gmail.com>
> *Cc:* Squid Users <squid-users at lists.squid-cache.org>
> *Subject:* Re: [squid-users] Vulnerabilities with squid 4.15
>
>
>
> I have squid running on centos 7.9, I will move to ubuntu 20 04 03 as
> centos is officially dead to me
>
>
>
> I have compiled from source ie make make install as I'm running squid with
> squidclamav cicap cicap modules
>
>
>
> All instances I have compiled from source ie make make install
>
>
>
> I did a yum install clamav
>
>
>
> On Thu, 10 Feb 2022, 19:20 NgTech LTD, <ngtech1ltd at gmail.com> wrote:
>
> Hey Robert,
>
>
>
> First: your question is not silly.
>
> The answer will defer based on the complexity of the upgrade process.
>
> What Os are you using and also, did you compiled squid from sources or
> installed from a specific package?
>
> Also, what is your squid setup purpose?
>
>
>
> Eliezer
>
>
>
> בתאריך יום ה׳, 10 בפבר׳ 2022, 20:56, מאת robert k Wild ‏<
> robertkwild at gmail.com>:
>
> Hi all,
>
>
>
> Is there any security vulnerabilities with squid 4.15, should I update to
> 4.17 or is it OK to still use as my squid proxy server
>
>
>
> Sorry for silly question
>
>
>
> Thanks,
>
> Rob
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>

-- 
Regards,

Robert K Wild.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220211/93dcc2af/attachment.htm>


More information about the squid-users mailing list