Due to incorrect pointer handling, Squid versions 3.x (prior to 3.5.27) and 4.x (prior to 4.0.23) are vulnerable to a denial of service attack when processing ESI responses. This problem allows a remote server delivering certain ESI response syntax to trigger a denial of service for all clients accessing the Squid service.
Created squid tracking bugs for this issue:
Affects: fedora-all [bug 1536940]
A workaround for this issue is to not use the internal ESI parser, which can be achieved by adding either the "esi_parser expat" or "esi_parser libxml2" configuration directive to the squid configuration file (for example /etc/squid/squid.conf).
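The two checks a defender actually wants from the paragraph above are "is my Squid in an affected version range?" and "does my squid.conf really select expat or libxml2?". The shell helpers below are an added example, not code from this bug report, Red Hat, or the Squid project. They assume that a missing esi_parser directive leaves Squid on its built-in parser (Squid's documented default) and that, when the directive is repeated, the last occurrence wins; the config files they inspect are constructed in place for the demo.

```shell
#!/bin/sh
# Added example, not from the Red Hat bug or the Squid project: helpers for
# checking whether a Squid deployment is exposed to the ESI denial of service
# described above. Sample configs are constructed here for illustration.

# Return 0 (true) when VERSION is in an affected range named in the report:
# 3.x before 3.5.27, or 4.x before 4.0.23. Other major versions return 1,
# because the report says nothing about them.
squid_version_vulnerable() {
    printf '%s\n' "$1" | awk -F '[.]' '{
        maj = $1 + 0; min = $2 + 0; pat = $3 + 0
        if (maj == 3) exit !(min < 5 || (min == 5 && pat < 27))
        if (maj == 4) exit !(min < 0 || (min == 0 && pat < 23))
        exit 1
    }'
}

# Return 0 (true) when the squid.conf at $1 applies the workaround, i.e. its
# effective esi_parser directive selects expat or libxml2. Comments are
# stripped first, the last directive wins if it is repeated, and a missing
# directive means the internal (default) parser is still in use.
esi_workaround_applied() {
    parser=$(sed -e 's/#.*//' "$1" \
             | awk '$1 == "esi_parser" { p = $2 } END { print p }')
    case "$parser" in
        expat|libxml2) return 0 ;;
        *)             return 1 ;;
    esac
}

# Demo on constructed configs (not real deployment files).
demo() {
    unsafe=$(mktemp); safe=$(mktemp)
    # The esi_parser line is only a comment here, so the internal parser stays active.
    printf 'http_port 3128\n# esi_parser libxml2\n' > "$unsafe"
    # Workaround from the report: an external parser is selected.
    printf 'http_port 3128\nesi_parser expat\n' > "$safe"
    for f in "$unsafe" "$safe"; do
        if esi_workaround_applied "$f"; then
            echo "$f: esi_parser workaround applied"
        else
            echo "$f: internal ESI parser in use; upgrade or set esi_parser expat|libxml2"
        fi
    done
    for v in 3.5.26 3.5.27 4.0.22 4.0.23; do
        if squid_version_vulnerable "$v"; then
            echo "squid $v: in an affected range"
        else
            echo "squid $v: not in an affected range"
        fi
    done
    rm -f "$unsafe" "$safe"
}

demo
```

Run it against a real file with `esi_workaround_applied /etc/squid/squid.conf` and against `squid -v` output with `squid_version_vulnerable`; a config that passes the check is only a workaround, so the version check still matters until the fixed packages are installed.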
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:1068 https://access.redhat.com/errata/RHSA-2020:1068
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):