[ol8_appstream] squid-7:4.4-8.module+el8.2.0+7778+aff7482f.2.x86_64

Name:	squid
Epoch:	7
Version:	4.4
Release:	8.module+el8.2.0+7778+aff7482f.2
Architecture:	x86_64
Module:	squid:4:8020020200827100059:4cda2c84
Group:	Unspecified
Size:	12149686
License:	GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain)
RPM:	squid-4.4-8.module+el8.2.0+7778+aff7482f.2.x86_64.rpm
Source RPM:	squid-4.4-8.module+el8.2.0+7778+aff7482f.2.src.rpm
Build Date:	Fri Sep 04 2020
Build Host:	jenkins-172-17-0-2-8eb6de3a-602e-41a0-8d6b-6a8ca8dd175c.appad2iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	http://www.squid-cache.org
Summary:	The Squid proxy caching server
Description:	Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

Changelog (Show File list) (Show related packages)

Wed Aug 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-8.2

- Resolves: #1872345 - CVE-2020-15811 squid:4/squid: HTTP Request Splitting
  could result in cache poisoning
- Resolves: #1872330 - CVE-2020-15810 squid:4/squid: HTTP Request Smuggling
  could result in cache poisoning

Wed Apr 29 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-8.1

- Resolves: #1828368 - CVE-2019-12519 squid: improper check for new member in
  ESIExpression::Evaluate allows for stack buffer overflow
- Resolves: #1828367 - CVE-2020-11945 squid: improper access restriction upon
  Digest Authentication nonce replay could lead to remote code execution
- Resolves: #1829402 - CVE-2019-12525 squid:4/squid: parsing of header
  Proxy-Authentication leads to memory corruption

Fri Aug 23 2019 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-8

- Resolves: # 1738485 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow
  in HttpHeader::getAuth

Wed Jul 31 2019 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-7

- Resolves: #1729436 - CVE-2019-13345 squid: XSS via user_name or auth parameter
  in cachemgr.cgi

Fri Jun 21 2019 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-6

- Resolves: #1679526 - Missing detailed configuration file
- Resolves: #1703117 - RHEL 7 to 8 fails with squid installed because dirs
  changed to symlinks
- Resolves: #1691741 - Squid cache_peer DNS lookup failed when not all lower
  case
- Resolves: #1683527 - "Reloading" message on a fresh reboot after enabling
  squid

Tue Dec 11 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-4
```
- Resolves: #1612524 - Man page scan results for squid
```
Tue Dec 11 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-3
```
- Resolves: #1642384 - squid doesn't work with active ftp
```

Tue Dec 11 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-2

- Resolves: #1657847 - Unable to start Squid in Selinux Enforcing mode

Mon Dec 10 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-1

- Resolves: #1656871 - squid rebase to 4.4
- Resolves: #1645148 - CVE-2018-19131 squid: Cross-Site Scripting when
  generating HTTPS response messages about TLS errors
- Resolves: #1645156 - CVE-2018-19132 squid: Memory leak in SNMP query
  rejection code

Mon Aug 06 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.2-1
```
- new version 4.2
- enable back strict error checking
```