Red Hat Product Errata RHSA-2024:9625 - Security Advisory
Issued:
2024-11-14
Updated:
2024-11-14

RHSA-2024:9625 - Security Advisory

Synopsis

Important: squid security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for squid is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

  • squid: Denial of Service processing ESI response content (CVE-2024-45802)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

  • BZ - 2322154 - CVE-2024-45802 squid: Denial of Service processing ESI response content

Red Hat Enterprise Linux for x86_64 9

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
x86_64
squid-5.5-14.el9_5.3.x86_64.rpm SHA-256: 29e3e2bc36db7e8b54da5c41de1fefc693a629d080ec597bb3547923e424026a
squid-debuginfo-5.5-14.el9_5.3.x86_64.rpm SHA-256: 05b92260374dd2002ce9a360149815430cdb22a0c74628cdf70ffc244a8f4fc6
squid-debugsource-5.5-14.el9_5.3.x86_64.rpm SHA-256: 60b36e773bf5d0923633912c371d67b6961a00fe810e452aa6a57196882e4a55

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
x86_64
squid-5.5-14.el9_5.3.x86_64.rpm SHA-256: 29e3e2bc36db7e8b54da5c41de1fefc693a629d080ec597bb3547923e424026a
squid-debuginfo-5.5-14.el9_5.3.x86_64.rpm SHA-256: 05b92260374dd2002ce9a360149815430cdb22a0c74628cdf70ffc244a8f4fc6
squid-debugsource-5.5-14.el9_5.3.x86_64.rpm SHA-256: 60b36e773bf5d0923633912c371d67b6961a00fe810e452aa6a57196882e4a55

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
x86_64
squid-5.5-14.el9_5.3.x86_64.rpm SHA-256: 29e3e2bc36db7e8b54da5c41de1fefc693a629d080ec597bb3547923e424026a
squid-debuginfo-5.5-14.el9_5.3.x86_64.rpm SHA-256: 05b92260374dd2002ce9a360149815430cdb22a0c74628cdf70ffc244a8f4fc6
squid-debugsource-5.5-14.el9_5.3.x86_64.rpm SHA-256: 60b36e773bf5d0923633912c371d67b6961a00fe810e452aa6a57196882e4a55

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
s390x
squid-5.5-14.el9_5.3.s390x.rpm SHA-256: 84254e83e61ead1b55163c494b33274c84da96ba22f6c42e3bbadd981c700dc9
squid-debuginfo-5.5-14.el9_5.3.s390x.rpm SHA-256: 7526bdf2168d4c7fcd21c9fa3e1511425999ab8349903b3f9409aac524180179
squid-debugsource-5.5-14.el9_5.3.s390x.rpm SHA-256: e4af209f47d73331da11405d7787d84b9afd2c8f08d982ba9330a6734a5b34e7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
s390x
squid-5.5-14.el9_5.3.s390x.rpm SHA-256: 84254e83e61ead1b55163c494b33274c84da96ba22f6c42e3bbadd981c700dc9
squid-debuginfo-5.5-14.el9_5.3.s390x.rpm SHA-256: 7526bdf2168d4c7fcd21c9fa3e1511425999ab8349903b3f9409aac524180179
squid-debugsource-5.5-14.el9_5.3.s390x.rpm SHA-256: e4af209f47d73331da11405d7787d84b9afd2c8f08d982ba9330a6734a5b34e7

Red Hat Enterprise Linux for Power, little endian 9

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
ppc64le
squid-5.5-14.el9_5.3.ppc64le.rpm SHA-256: 4f9ef4a1d04b07d5b583a824ef2f35c9ba21afe64ec883bdaacf482a5b47031a
squid-debuginfo-5.5-14.el9_5.3.ppc64le.rpm SHA-256: ed454b303bfe52e3f1577085613a0ce9d9a4ef4c27aa72cf270c4c55d066e5e9
squid-debugsource-5.5-14.el9_5.3.ppc64le.rpm SHA-256: 8a8322a73c9bb6ef7b71b5de25c261b2f26ed8afaacf3ec933264b89824d0301

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
ppc64le
squid-5.5-14.el9_5.3.ppc64le.rpm SHA-256: 4f9ef4a1d04b07d5b583a824ef2f35c9ba21afe64ec883bdaacf482a5b47031a
squid-debuginfo-5.5-14.el9_5.3.ppc64le.rpm SHA-256: ed454b303bfe52e3f1577085613a0ce9d9a4ef4c27aa72cf270c4c55d066e5e9
squid-debugsource-5.5-14.el9_5.3.ppc64le.rpm SHA-256: 8a8322a73c9bb6ef7b71b5de25c261b2f26ed8afaacf3ec933264b89824d0301

Red Hat Enterprise Linux for ARM 64 9

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
aarch64
squid-5.5-14.el9_5.3.aarch64.rpm SHA-256: 43398945e0272b989212f5dc4b3b2538bd154484c7699f4a2d2dac5190d9e459
squid-debuginfo-5.5-14.el9_5.3.aarch64.rpm SHA-256: 3079550b97950c410b2ef5a1fff2263d5dbdc4a245e7b8deda6bcd2f7f9734e4
squid-debugsource-5.5-14.el9_5.3.aarch64.rpm SHA-256: 06899c97a2b4b8cacdf48b34d3c249491d261c189f9d145884b706d7a4bc7e7a

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
aarch64
squid-5.5-14.el9_5.3.aarch64.rpm SHA-256: 43398945e0272b989212f5dc4b3b2538bd154484c7699f4a2d2dac5190d9e459
squid-debuginfo-5.5-14.el9_5.3.aarch64.rpm SHA-256: 3079550b97950c410b2ef5a1fff2263d5dbdc4a245e7b8deda6bcd2f7f9734e4
squid-debugsource-5.5-14.el9_5.3.aarch64.rpm SHA-256: 06899c97a2b4b8cacdf48b34d3c249491d261c189f9d145884b706d7a4bc7e7a

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
ppc64le
squid-5.5-14.el9_5.3.ppc64le.rpm SHA-256: 4f9ef4a1d04b07d5b583a824ef2f35c9ba21afe64ec883bdaacf482a5b47031a
squid-debuginfo-5.5-14.el9_5.3.ppc64le.rpm SHA-256: ed454b303bfe52e3f1577085613a0ce9d9a4ef4c27aa72cf270c4c55d066e5e9
squid-debugsource-5.5-14.el9_5.3.ppc64le.rpm SHA-256: 8a8322a73c9bb6ef7b71b5de25c261b2f26ed8afaacf3ec933264b89824d0301

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
x86_64
squid-5.5-14.el9_5.3.x86_64.rpm SHA-256: 29e3e2bc36db7e8b54da5c41de1fefc693a629d080ec597bb3547923e424026a
squid-debuginfo-5.5-14.el9_5.3.x86_64.rpm SHA-256: 05b92260374dd2002ce9a360149815430cdb22a0c74628cdf70ffc244a8f4fc6
squid-debugsource-5.5-14.el9_5.3.x86_64.rpm SHA-256: 60b36e773bf5d0923633912c371d67b6961a00fe810e452aa6a57196882e4a55

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
aarch64
squid-5.5-14.el9_5.3.aarch64.rpm SHA-256: 43398945e0272b989212f5dc4b3b2538bd154484c7699f4a2d2dac5190d9e459
squid-debuginfo-5.5-14.el9_5.3.aarch64.rpm SHA-256: 3079550b97950c410b2ef5a1fff2263d5dbdc4a245e7b8deda6bcd2f7f9734e4
squid-debugsource-5.5-14.el9_5.3.aarch64.rpm SHA-256: 06899c97a2b4b8cacdf48b34d3c249491d261c189f9d145884b706d7a4bc7e7a

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
squid-5.5-14.el9_5.3.src.rpm SHA-256: d183920a63da684d50633f0cefad718ecf919acdaff5e911e1817102c0ed969a
s390x
squid-5.5-14.el9_5.3.s390x.rpm SHA-256: 84254e83e61ead1b55163c494b33274c84da96ba22f6c42e3bbadd981c700dc9
squid-debuginfo-5.5-14.el9_5.3.s390x.rpm SHA-256: 7526bdf2168d4c7fcd21c9fa3e1511425999ab8349903b3f9409aac524180179
squid-debugsource-5.5-14.el9_5.3.s390x.rpm SHA-256: e4af209f47d73331da11405d7787d84b9afd2c8f08d982ba9330a6734a5b34e7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.