Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. This problem allows a remote server to perform Denial of Service when delivering HTTP Response messages. The issue trigger is a header which can be expected to exist in HTTP traffic without any malicious intent by the server.
Created squid tracking bugs for this issue:
Affects: fedora-all [bug 1959538]
Upstream pull request:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2021:4292 https://access.redhat.com/errata/RHSA-2021:4292
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):