[RHSA-2015:2378] squid security and bug fix update

Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.

It was found that Squid configured with client-first SSL-bump did not
correctly validate X.509 server certificate host name fields. A
man-in-the-middle attacker could use this flaw to spoof a Squid server
using a specially crafted X.509 certificate. (CVE-2015-3455)

This update fixes the following bugs:

- Previously, the squid process did not handle file descriptors correctly
  when receiving Simple Network Management Protocol (SNMP) requests. As a
  consequence, the process gradually accumulated open file descriptors. This
  bug has been fixed and squid now handles SNMP requests correctly, closing
  file descriptors when necessary. (BZ#1198778)
- Under high system load, the squid process sometimes terminated
  unexpectedly with a segmentation fault during reboot. This update provides
  better memory handling during reboot, thus fixing this bug. (BZ#1225640)

Users of squid are advised to upgrade to these updated packages, which fix
these bugs. After installing this update, the squid service will be
restarted automatically.

Package | Affected Version |
---|---|
pkg:rpm/redhat/squid?arch=x86_64&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid?arch=s390x&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid?arch=ppc64le&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid?arch=ppc64&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid?arch=aarch64&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid-sysvinit?arch=x86_64&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid-sysvinit?arch=s390x&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid-sysvinit?arch=ppc64le&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid-sysvinit?arch=ppc64&distro=redhat-7 | < 3.3.8-26.el7 |
pkg:rpm/redhat/squid-sysvinit?arch=aarch64&distro=redhat-7 | < 3.3.8-26.el7 |

- ID: RHSA-2015:2378
- Severity: moderate
- URL: https://access.redhat.com/errata/RHSA-2015:2378
- Published: 2015-11-19T00:00:00
- Modified: 2015-11-19T00:00:00
- Rights: Copyright 2015 Red Hat, Inc.

Other Advisories

Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1218118 | https://bugzilla.redhat.com/1218118 | |
RHSA | RHSA-2015:2378 | https://access.redhat.com/errata/RHSA-2015:2378 | |
CVE | CVE-2015-3455 | https://access.redhat.com/security/cve/CVE-2015-3455 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/squid?arch=x86_64&distro=redhat-7 | redhat | squid | < 3.3.8-26.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/squid?arch=s390x&distro=redhat-7 | redhat | squid | < 3.3.8-26.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/squid?arch=ppc64le&distro=redhat-7 | redhat | squid | < 3.3.8-26.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/squid?arch=ppc64&distro=redhat-7 | redhat | squid | < 3.3.8-26.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/squid?arch=aarch64&distro=redhat-7 | redhat | squid | < 3.3.8-26.el7 | redhat-7 | aarch64 | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=x86_64&distro=redhat-7 | redhat | squid-sysvinit | < 3.3.8-26.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=s390x&distro=redhat-7 | redhat | squid-sysvinit | < 3.3.8-26.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=ppc64le&distro=redhat-7 | redhat | squid-sysvinit | < 3.3.8-26.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=ppc64&distro=redhat-7 | redhat | squid-sysvinit | < 3.3.8-26.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=aarch64&distro=redhat-7 | redhat | squid-sysvinit | < 3.3.8-26.el7 | redhat-7 | aarch64 |