Due to a memory leak in SNMP query rejection code, Squid is vulnerable to a denial of service attack.
Created squid tracking bugs for this issue:
Affects: fedora-all [bug 1645155]
Upstream patch github links:
- v4: https://github.com/squid-cache/squid/commit/983c5c36e5f109512ed1af38a329d0b5d0967498
- v3.5: https://github.com/squid-cache/squid/commit/bc9786119f058a76ddf0625424bc33d36460b9a2
This issue did not affect the versions of squid as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include the vulnerable code.