Headline
RHSA-2022:5529: Red Hat Security Advisory: squid:4 security update
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-46784: squid: DoS when processing gopher server responses
Synopsis
Important: squid:4 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Security Fix(es):
- squid: DoS when processing gopher server responses (CVE-2021-46784)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the squid service will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2100721 - CVE-2021-46784 squid: DoS when processing gopher server responses
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
x86_64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 565a503171f9cfe95cbd3c4a9ffa706e1884382c6e270bf97493ee3f82c26e05
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 299d76aa8a6b298ee4430a98bab0a3f991d43837ce73e3896b3ffb83d212d80a
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 175ee43b218212e44bb474d943839ece45451b96c95357d60240a9b1bda4b3dc
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
x86_64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 565a503171f9cfe95cbd3c4a9ffa706e1884382c6e270bf97493ee3f82c26e05
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 299d76aa8a6b298ee4430a98bab0a3f991d43837ce73e3896b3ffb83d212d80a
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 175ee43b218212e44bb474d943839ece45451b96c95357d60240a9b1bda4b3dc
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
s390x
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
SHA-256: 11155457578ba82d131c38520ef1e704de6c8b532b17ccfcdb0feb647158d7d5
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
SHA-256: c9809c43b34e764d8904dc2b31a213fe0dc49208feabcacd8106caef9d24b507
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
SHA-256: 4c5372dcfd4429ace80a62242882c6dfbf39a9eef2c8b84c2aa2b7292b24ce68
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm
SHA-256: 7c3257862efc0e7f5a93f35535fb2292ca7a11342ff72e3f03d5a934a86821f3
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.s390x.rpm
SHA-256: 109e635804a398f5f5dd4d72040a827d8d0d56d7fbe75527676b25a32f38de7b
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.s390x.rpm
SHA-256: dce1f47f8ab5a216d019fb91fb2c9336df8b8ad6b79346d950813e43fdaf0362
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.s390x.rpm
SHA-256: 144d5135d6acc0c8eb5c1d535e849cc5fdced5b2d173be58677c1410130e5bc2
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
ppc64le
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 1ba6e6a7a7f64c91b5f49112a2d3437e5a4156c04cb2664d9f06985ffd631fac
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 2ef0dadb839911f6fb556005df57f2531f2dd215e8bd7dceb39370910050c6a4
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 1cd7655a19f36b9eaf1cc95fd3e85d2f3cfa1a76e9206ca639fb16f14634f3dd
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 2d8756169558e12e281f18a9da93cc49c525ef908c8f2533f81e3a98b22d1e68
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.ppc64le.rpm
SHA-256: 4f2b27bfc72429a68c4690b82ed337a539adf3f41e7986d44c13d9eec6352c32
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.ppc64le.rpm
SHA-256: b2930317c6def186d5501a555f5653b992cc4262633d25e05adf25e77b36d53d
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.ppc64le.rpm
SHA-256: c30b26d940e97a857b0ba197d2110f8f7e9616a64d49c576c65766cac5848cb1
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
x86_64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 565a503171f9cfe95cbd3c4a9ffa706e1884382c6e270bf97493ee3f82c26e05
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 299d76aa8a6b298ee4430a98bab0a3f991d43837ce73e3896b3ffb83d212d80a
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 175ee43b218212e44bb474d943839ece45451b96c95357d60240a9b1bda4b3dc
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
aarch64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
SHA-256: 31c61fd165ea82f7e30b0b4f8e9f9fd6a5eae832149c81c14fd706f902fed84a
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
SHA-256: 450f2a9aa696793f5c1ffb9e62a89bb182e442404b5915306060cd696dbc71e2
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
SHA-256: 835ebb3c576f9b1c5ece2e8b3a5a44c0a87f57b3df4fe793c8d7984953397d63
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm
SHA-256: 3313cc4f037084e4f913b10b252a7750d6a5a282930643ad92982e3d1330893a
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.aarch64.rpm
SHA-256: b4dd3b8e1a5d2b6d61819b5f61628a6bedc0a94795d042ef11b6e0cc7f0ee938
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.aarch64.rpm
SHA-256: 36fd1bd4839cde51676c4a08f0a23ca27ddcbbf256aaeeaec6dc6183c4c9ad4a
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.aarch64.rpm
SHA-256: f2af6f1630e4ff21e94a58524d16019e74c9d0dd333449b6d3061e3e06e96318
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
ppc64le
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 1ba6e6a7a7f64c91b5f49112a2d3437e5a4156c04cb2664d9f06985ffd631fac
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 2ef0dadb839911f6fb556005df57f2531f2dd215e8bd7dceb39370910050c6a4
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 1cd7655a19f36b9eaf1cc95fd3e85d2f3cfa1a76e9206ca639fb16f14634f3dd
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm
SHA-256: 2d8756169558e12e281f18a9da93cc49c525ef908c8f2533f81e3a98b22d1e68
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.ppc64le.rpm
SHA-256: 4f2b27bfc72429a68c4690b82ed337a539adf3f41e7986d44c13d9eec6352c32
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.ppc64le.rpm
SHA-256: b2930317c6def186d5501a555f5653b992cc4262633d25e05adf25e77b36d53d
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.ppc64le.rpm
SHA-256: c30b26d940e97a857b0ba197d2110f8f7e9616a64d49c576c65766cac5848cb1
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm
SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.src.rpm
SHA-256: 9760cd21a03a42efe36744c60f6edb6c004bca9178e6b030bc99fc836ee34df7
x86_64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm
SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530
squid-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 565a503171f9cfe95cbd3c4a9ffa706e1884382c6e270bf97493ee3f82c26e05
squid-debuginfo-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 299d76aa8a6b298ee4430a98bab0a3f991d43837ce73e3896b3ffb83d212d80a
squid-debugsource-4.4-8.module+el8.2.0+15803+1b4cda03.4.x86_64.rpm
SHA-256: 175ee43b218212e44bb474d943839ece45451b96c95357d60240a9b1bda4b3dc
Related news
Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.
Red Hat OpenShift Container Platform release 3.11.784 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass
Red Hat Security Advisory 2022-5526-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-5542-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a denial of service vulnerability.
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46784: squid: DoS when processing gopher server responses
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46784: squid: DoS when processing gopher server responses
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46784: squid: DoS when processing gopher server responses
An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46784: squid: DoS when processing gopher server responses
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46784: squid: DoS when processing gopher server responses
Ubuntu Security Notice 5491-1 - Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.