Due to incorrect input validation Squid is vulnerable to a buffer overflow which can result in Denial of Service to all clients using the proxy.
Created squid tracking bugs for this issue:
Affects: fedora-all [bug 1770376]
Upstream patch: http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch
Could anyone please clarify, whether a patch for Squid V3 will be released for this issue?
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2020:4743 https://access.redhat.com/errata/RHSA-2020:4743