- Issued:
- 2024-03-25
- Updated:
- 2024-03-25
RHSA-2024:1479 - Security Advisory
Synopsis
Important: squid:4 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects.
Security Fix(es):
- squid: Denial of Service in HTTP Chunked Decoding (CVE-2024-25111)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
After installing this update, the squid service will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Fixes
- BZ - 2268366 - CVE-2024-25111 squid: Denial of Service in HTTP Chunked Decoding
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| x86_64 | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: 24c82302611296e722d25ef5bd60024bf7737a4dc1101006fd4dc595bdc9c9f0 |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: f6c737d54b80525cc59b1420a2f5f602ad3fabb7e51634fb6cdf067288aacc9c |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: db3eb7386eb8cc30408566b11cb99ddfce72a2b8b74d03f3d2a213da4db98e51 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| x86_64 | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: 24c82302611296e722d25ef5bd60024bf7737a4dc1101006fd4dc595bdc9c9f0 |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: f6c737d54b80525cc59b1420a2f5f602ad3fabb7e51634fb6cdf067288aacc9c |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: db3eb7386eb8cc30408566b11cb99ddfce72a2b8b74d03f3d2a213da4db98e51 |
Red Hat Enterprise Linux Server - AUS 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| x86_64 | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: 24c82302611296e722d25ef5bd60024bf7737a4dc1101006fd4dc595bdc9c9f0 |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: f6c737d54b80525cc59b1420a2f5f602ad3fabb7e51634fb6cdf067288aacc9c |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: db3eb7386eb8cc30408566b11cb99ddfce72a2b8b74d03f3d2a213da4db98e51 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| s390x | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm | SHA-256: 11155457578ba82d131c38520ef1e704de6c8b532b17ccfcdb0feb647158d7d5 |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm | SHA-256: c9809c43b34e764d8904dc2b31a213fe0dc49208feabcacd8106caef9d24b507 |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm | SHA-256: 4c5372dcfd4429ace80a62242882c6dfbf39a9eef2c8b84c2aa2b7292b24ce68 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.s390x.rpm | SHA-256: 7c3257862efc0e7f5a93f35535fb2292ca7a11342ff72e3f03d5a934a86821f3 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.s390x.rpm | SHA-256: f9bd4a86c8cda444d5a185d88f12d08ac60a2e4ce87be17a4e209f8f0ab00b3c |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.s390x.rpm | SHA-256: 6016b55676236759fa92c1ccf5ad731c2f1ba2eeba99e35239dd4b4fa0236aa1 |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.s390x.rpm | SHA-256: e0dafb3f58ccc8aefc3cf44a6795e54ecf0fe95e2c37eb4839ebc8ebc2888386 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| ppc64le | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 1ba6e6a7a7f64c91b5f49112a2d3437e5a4156c04cb2664d9f06985ffd631fac |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 2ef0dadb839911f6fb556005df57f2531f2dd215e8bd7dceb39370910050c6a4 |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 1cd7655a19f36b9eaf1cc95fd3e85d2f3cfa1a76e9206ca639fb16f14634f3dd |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 2d8756169558e12e281f18a9da93cc49c525ef908c8f2533f81e3a98b22d1e68 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.ppc64le.rpm | SHA-256: 3e752b684d4e42bbfd7c4b10ef19d90fea96ea92098f7ba356893c67e74481fb |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.ppc64le.rpm | SHA-256: ee926c3fa168e6c57b0de5ceb2cffdcde8c15af5eb3de8b2bb5786e05f12b9b4 |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.ppc64le.rpm | SHA-256: c9b65a02b6ac1e3c62ea61ed499a2346710214d4222a489e5b7be0b36484d839 |
Red Hat Enterprise Linux Server - TUS 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| x86_64 | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: 24c82302611296e722d25ef5bd60024bf7737a4dc1101006fd4dc595bdc9c9f0 |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: f6c737d54b80525cc59b1420a2f5f602ad3fabb7e51634fb6cdf067288aacc9c |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: db3eb7386eb8cc30408566b11cb99ddfce72a2b8b74d03f3d2a213da4db98e51 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| aarch64 | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm | SHA-256: 31c61fd165ea82f7e30b0b4f8e9f9fd6a5eae832149c81c14fd706f902fed84a |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm | SHA-256: 450f2a9aa696793f5c1ffb9e62a89bb182e442404b5915306060cd696dbc71e2 |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm | SHA-256: 835ebb3c576f9b1c5ece2e8b3a5a44c0a87f57b3df4fe793c8d7984953397d63 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.aarch64.rpm | SHA-256: 3313cc4f037084e4f913b10b252a7750d6a5a282930643ad92982e3d1330893a |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.aarch64.rpm | SHA-256: 376b7011e4dbb604e884630d872b59ef0e7db5915c4e9399b617fc3be3a5013a |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.aarch64.rpm | SHA-256: bcf6555d27b978ae24af17181dd67538f541d73b4d94af9049e378083d3cc871 |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.aarch64.rpm | SHA-256: 06d95dcf7506e110ce627b106d7734fb6393a32f2cad49cd296698532a7859d7 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| ppc64le | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 1ba6e6a7a7f64c91b5f49112a2d3437e5a4156c04cb2664d9f06985ffd631fac |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 2ef0dadb839911f6fb556005df57f2531f2dd215e8bd7dceb39370910050c6a4 |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 1cd7655a19f36b9eaf1cc95fd3e85d2f3cfa1a76e9206ca639fb16f14634f3dd |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.ppc64le.rpm | SHA-256: 2d8756169558e12e281f18a9da93cc49c525ef908c8f2533f81e3a98b22d1e68 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.ppc64le.rpm | SHA-256: 3e752b684d4e42bbfd7c4b10ef19d90fea96ea92098f7ba356893c67e74481fb |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.ppc64le.rpm | SHA-256: ee926c3fa168e6c57b0de5ceb2cffdcde8c15af5eb3de8b2bb5786e05f12b9b4 |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.ppc64le.rpm | SHA-256: c9b65a02b6ac1e3c62ea61ed499a2346710214d4222a489e5b7be0b36484d839 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
| SRPM | |
|---|---|
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm | SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.src.rpm | SHA-256: 7ec173b163684b71cbba4c8e3b4704e158e7bdf959895b57f6a213d5dada3c1b |
| x86_64 | |
| libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf |
| libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca |
| libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60 |
| libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm | SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530 |
| squid-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: 24c82302611296e722d25ef5bd60024bf7737a4dc1101006fd4dc595bdc9c9f0 |
| squid-debuginfo-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: f6c737d54b80525cc59b1420a2f5f602ad3fabb7e51634fb6cdf067288aacc9c |
| squid-debugsource-4.15-3.module+el8.6.0+21519+58cab4c1.6.x86_64.rpm | SHA-256: db3eb7386eb8cc30408566b11cb99ddfce72a2b8b74d03f3d2a213da4db98e51 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
