Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:1135 - Security Advisory
Issued:
2021-04-08
Updated:
2021-04-08

RHSA-2021:1135 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: squid security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for squid is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

  • squid: improper input validation may allow a trusted client to perform HTTP request smuggling (CVE-2020-25097)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the squid service will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 1939925 - CVE-2020-25097 squid: improper input validation may allow a trusted client to perform HTTP request smuggling

CVEs

  • CVE-2020-25097

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
x86_64
squid-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 7df4290743527bb7e16dcb5cfd880cc25a4f80d9a6530e0c5625bd3719e3bd17
squid-debuginfo-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 9547cd94fc36fd92f7cfbcf68a0e69bf5a21d5a04692b634474fcd49abe4b2cd
squid-debuginfo-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 9547cd94fc36fd92f7cfbcf68a0e69bf5a21d5a04692b634474fcd49abe4b2cd
squid-migration-script-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 364e19d881a49a398f99754584e5a0fea4039082aa1ccfd9119a4eb9f8c8df35
squid-sysvinit-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: c95ce25fe76d0b744e3e6258c20ebd89fa13ab984e2d0695a36446d35c47fbf2

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
x86_64
squid-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 7df4290743527bb7e16dcb5cfd880cc25a4f80d9a6530e0c5625bd3719e3bd17
squid-debuginfo-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 9547cd94fc36fd92f7cfbcf68a0e69bf5a21d5a04692b634474fcd49abe4b2cd
squid-debuginfo-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 9547cd94fc36fd92f7cfbcf68a0e69bf5a21d5a04692b634474fcd49abe4b2cd
squid-migration-script-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 364e19d881a49a398f99754584e5a0fea4039082aa1ccfd9119a4eb9f8c8df35
squid-sysvinit-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: c95ce25fe76d0b744e3e6258c20ebd89fa13ab984e2d0695a36446d35c47fbf2

Red Hat Enterprise Linux Workstation 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
x86_64
squid-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 7df4290743527bb7e16dcb5cfd880cc25a4f80d9a6530e0c5625bd3719e3bd17
squid-debuginfo-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 9547cd94fc36fd92f7cfbcf68a0e69bf5a21d5a04692b634474fcd49abe4b2cd
squid-debuginfo-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 9547cd94fc36fd92f7cfbcf68a0e69bf5a21d5a04692b634474fcd49abe4b2cd
squid-migration-script-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: 364e19d881a49a398f99754584e5a0fea4039082aa1ccfd9119a4eb9f8c8df35
squid-sysvinit-3.5.20-17.el7_9.6.x86_64.rpm SHA-256: c95ce25fe76d0b744e3e6258c20ebd89fa13ab984e2d0695a36446d35c47fbf2

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
s390x
squid-3.5.20-17.el7_9.6.s390x.rpm SHA-256: d7d3be94d1aa6b2b39544d8a48cd7428a3305dd10b227efac29d4faedb62b512
squid-debuginfo-3.5.20-17.el7_9.6.s390x.rpm SHA-256: 1c888103cf1fc92edfa13402e01b53c9b4ebd334598060c3f071fd7128ddf853
squid-debuginfo-3.5.20-17.el7_9.6.s390x.rpm SHA-256: 1c888103cf1fc92edfa13402e01b53c9b4ebd334598060c3f071fd7128ddf853
squid-migration-script-3.5.20-17.el7_9.6.s390x.rpm SHA-256: 9de74b40a3cbf3a0ae895951405aef328df364ad92e8206cc80b4adfb2eb086f
squid-sysvinit-3.5.20-17.el7_9.6.s390x.rpm SHA-256: ad6753bc906e8280a10e5288ee34484c7e77ad1d816c6cc4b6de59ca84703c76

Red Hat Enterprise Linux for Power, big endian 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
ppc64
squid-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: d134866ae9120f2e0d89253b6996202a26ff42f27cfb8f3b96895219a67f3b9d
squid-debuginfo-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: fb5c78a57a34c0a032c101c4bb4c8e17ae672de5e58fa779283049f3bfc3d4d8
squid-debuginfo-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: fb5c78a57a34c0a032c101c4bb4c8e17ae672de5e58fa779283049f3bfc3d4d8
squid-migration-script-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: 81001d781b0227ca24c101ed27780c7e6783edef95b94408dcc9b1dd057f3e62
squid-sysvinit-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: a06de9cde310720033861bdd24d0a420301d2298650a3ab0a3156b55f2c39ecc

Red Hat Enterprise Linux for Power, little endian 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
ppc64le
squid-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: 7c283010ddced7b1fd942f0159348937a2179d5823d76c5c241814dba7c90013
squid-debuginfo-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: 442cafc9ca02966b3fa280d996c698e7d85e4e468d6d0eb375f819c6e599460b
squid-debuginfo-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: 442cafc9ca02966b3fa280d996c698e7d85e4e468d6d0eb375f819c6e599460b
squid-migration-script-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: ba7a878aa21577f5d1d3a0a3c543686e7e5d6b2cf197207b7fdc88654da8b516
squid-sysvinit-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: c3ac40ad113ce2d4ba7b54c89c8b64989a1e4f2f76bd4642292853f350ae0dc7

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
s390x
squid-3.5.20-17.el7_9.6.s390x.rpm SHA-256: d7d3be94d1aa6b2b39544d8a48cd7428a3305dd10b227efac29d4faedb62b512
squid-debuginfo-3.5.20-17.el7_9.6.s390x.rpm SHA-256: 1c888103cf1fc92edfa13402e01b53c9b4ebd334598060c3f071fd7128ddf853
squid-debuginfo-3.5.20-17.el7_9.6.s390x.rpm SHA-256: 1c888103cf1fc92edfa13402e01b53c9b4ebd334598060c3f071fd7128ddf853
squid-migration-script-3.5.20-17.el7_9.6.s390x.rpm SHA-256: 9de74b40a3cbf3a0ae895951405aef328df364ad92e8206cc80b4adfb2eb086f
squid-sysvinit-3.5.20-17.el7_9.6.s390x.rpm SHA-256: ad6753bc906e8280a10e5288ee34484c7e77ad1d816c6cc4b6de59ca84703c76

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
ppc64
squid-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: d134866ae9120f2e0d89253b6996202a26ff42f27cfb8f3b96895219a67f3b9d
squid-debuginfo-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: fb5c78a57a34c0a032c101c4bb4c8e17ae672de5e58fa779283049f3bfc3d4d8
squid-debuginfo-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: fb5c78a57a34c0a032c101c4bb4c8e17ae672de5e58fa779283049f3bfc3d4d8
squid-migration-script-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: 81001d781b0227ca24c101ed27780c7e6783edef95b94408dcc9b1dd057f3e62
squid-sysvinit-3.5.20-17.el7_9.6.ppc64.rpm SHA-256: a06de9cde310720033861bdd24d0a420301d2298650a3ab0a3156b55f2c39ecc

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
squid-3.5.20-17.el7_9.6.src.rpm SHA-256: 10dfdfb5e4643a02cb34e03f131c30519cb640e847bea480eb43765ebc2b3355
ppc64le
squid-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: 7c283010ddced7b1fd942f0159348937a2179d5823d76c5c241814dba7c90013
squid-debuginfo-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: 442cafc9ca02966b3fa280d996c698e7d85e4e468d6d0eb375f819c6e599460b
squid-debuginfo-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: 442cafc9ca02966b3fa280d996c698e7d85e4e468d6d0eb375f819c6e599460b
squid-migration-script-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: ba7a878aa21577f5d1d3a0a3c543686e7e5d6b2cf197207b7fdc88654da8b516
squid-sysvinit-3.5.20-17.el7_9.6.ppc64le.rpm SHA-256: c3ac40ad113ce2d4ba7b54c89c8b64989a1e4f2f76bd4642292853f350ae0dc7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat X (formerly Twitter)

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility