[ol9_appstream] squid-7:5.5-14.el9_5.3.x86_64

Name:	squid
Epoch:	7
Version:	5.5
Release:	14.el9_5.3
Architecture:	x86_64
Group:	Unspecified
Size:	11575720
License:	GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain)
RPM:	squid-5.5-14.el9_5.3.x86_64.rpm
Source RPM:	squid-5.5-14.el9_5.3.src.rpm
Build Date:	Fri Nov 15 2024
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.squid-cache.org
Summary:	The Squid proxy caching server
Description:	Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

Changelog (Show File list) (Show related packages)

Thu Nov 07 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-14.3

- Disable ESI support
- Resolves: RHEL-65076 - CVE-2024-45802 squid: Denial of Service processing ESI
  response content

Wed Oct 23 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-14.2
```
- Resolves: RHEL-64425 TCP_MISS_ABORTED/100 erros when uploading
```

Mon Oct 14 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-14.1

- Resolves: RHEL-62332 - (Regression) Transfer-encoding:chunked data is not sent
  to the client in its complementary

Mon Jul 01 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-14

- Resolves: RHEL-45057 - squid: Out-of-bounds write error may lead to Denial of 
  Service (CVE-2024-37894)
- Resolves: RHEL-22594 - squid: vulnerable to a Denial of Service attack against
  Cache Manager error responses (CVE-2024-23638)

Thu May 09 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-13

- Resolves: RHEL-30352 - squid v5 crashes with SIGABRT when ipv6 is disabled
  at kernel level but it is asked to connect to an ipv6 address by a client

Tue Mar 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-12

- Resolves: RHEL-28530 - squid: Denial of Service in HTTP Chunked
  Decoding (CVE-2024-25111)
- Resolves: RHEL-26092 - squid: denial of service in HTTP header
  parser (CVE-2024-25617)

Fri Feb 02 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-10

- Resolves: RHEL-19556 - squid: denial of service in HTTP request
  parsing (CVE-2023-50269)

Thu Feb 01 2024 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-9

- Resolves: RHEL-18354 - squid: Buffer over-read in the HTTP Message processing
  feature (CVE-2023-49285)
- Resolves: RHEL-18345 - squid: Incorrect Check of Function Return Value In
  Helper Process management (CVE-2023-49286)
- Resolves: RHEL-18146 - squid crashes in assertion when a parent peer exists
- Resolves: RHEL-18231 - squid: Denial of Service in SSL Certificate validation
  (CVE-2023-46724)
- Resolves: RHEL-15912 - squid: NULL pointer dereference in the gopher protocol
  code (CVE-2023-46728)

Tue Dec 05 2023 Tomas Korbar <tkorbar@redhat.com> - 7:5.5-8

- Resolves: RHEL-14802 - squid: multiple issues in HTTP response caching

Sun Nov 12 2023 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-7

- Resolves: RHEL-14820 - squid: squid: denial of Servicein FTP
- Resolves: RHEL-14809 - squid: squid: Denial of Service in HTTP Digest
  Authentication
- Resolves: RHEL-14781 - squid: squid: Request/Response smuggling in HTTP/1.1
  and ICAP