Description: a) Due to an Improper Handling of Structural Elements bug Squid is vulnerable to a Denial of Service attack against HTTP and HTTPS clients. b) Due to an Incomplete Filtering of Special Elements bug Squid is vulnerable to a Denial of Service attack against HTTP and HTTPS clients. Reference: https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255 Affected versions: < 6.4
Created squid tracking bugs for this issue: Affects: fedora-all [bug 2245915]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7465 https://access.redhat.com/errata/RHSA-2023:7465
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7668 https://access.redhat.com/errata/RHSA-2023:7668
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0072 https://access.redhat.com/errata/RHSA-2024:0072
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0397 https://access.redhat.com/errata/RHSA-2024:0397
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2024:0772 https://access.redhat.com/errata/RHSA-2024:0772
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:0773 https://access.redhat.com/errata/RHSA-2024:0773
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0771 https://access.redhat.com/errata/RHSA-2024:0771
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:1153 https://access.redhat.com/errata/RHSA-2024:1153