Red Hat Product Errata RHSA-2025:19118 - Security Advisory
Issued:
2025-10-28
Updated:
2025-10-28

RHSA-2025:19118 - Security Advisory

Synopsis

Important: squid security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for squid is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects.

Security Fix(es):

  • squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling (CVE-2025-62168)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2404736 - CVE-2025-62168 squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
squid-5.2-1.el9_0.9.src.rpm SHA-256: d6181698e3957e09f60f1c068b1d49e142f0933281391b5c5ad7aee870379144
ppc64le
squid-5.2-1.el9_0.9.ppc64le.rpm SHA-256: 9135d2b65b9f68def2d86856837dfe5b21818d29f1137ce164c0502af8a7e9e4
squid-debuginfo-5.2-1.el9_0.9.ppc64le.rpm SHA-256: 6289b9394ca131db9a07327c145efb97f751dfb0e4ab2e6edd71de16eb47565e
squid-debugsource-5.2-1.el9_0.9.ppc64le.rpm SHA-256: deab208ae9e6c1a111ef08bdbb4c5856b009c6fbd7e1f5157c87525b16db84df

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
squid-5.2-1.el9_0.9.src.rpm SHA-256: d6181698e3957e09f60f1c068b1d49e142f0933281391b5c5ad7aee870379144
x86_64
squid-5.2-1.el9_0.9.x86_64.rpm SHA-256: e9cc62b5c91d822a60bd42e8b84921f0508b8d414e5d86da56c8d0bc3fdfc84e
squid-debuginfo-5.2-1.el9_0.9.x86_64.rpm SHA-256: e077e26bdc15f7671826edd711bee182827ecdfb96b83e4ba8ee9430ceaa4e94
squid-debugsource-5.2-1.el9_0.9.x86_64.rpm SHA-256: 1105fbf45f42244979500ba42265976290bc4f0b26d7615cd34e048f7994af3c

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0

SRPM
squid-5.2-1.el9_0.9.src.rpm SHA-256: d6181698e3957e09f60f1c068b1d49e142f0933281391b5c5ad7aee870379144
aarch64
squid-5.2-1.el9_0.9.aarch64.rpm SHA-256: 2c281ad527e546653d9902e7ecdd8094559ac07a06f0dbba927aa043e9d4af20
squid-debuginfo-5.2-1.el9_0.9.aarch64.rpm SHA-256: 3def65d6c3517ded6bcd11c748eb4b94c0dff20b13ef62ae2cf908483f5ed9b2
squid-debugsource-5.2-1.el9_0.9.aarch64.rpm SHA-256: 5e9556d0897e2f8d190de214d2e4698e38e81d4040dbc55cbf48a55199e6ab05

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0

SRPM
squid-5.2-1.el9_0.9.src.rpm SHA-256: d6181698e3957e09f60f1c068b1d49e142f0933281391b5c5ad7aee870379144
s390x
squid-5.2-1.el9_0.9.s390x.rpm SHA-256: f23b8251a44c95a8983cc03139190a20aa302933c64cebc971a7a32406ef7cf5
squid-debuginfo-5.2-1.el9_0.9.s390x.rpm SHA-256: beb7b255f72e556d00b384bf659050201ad1de21bfff841eb40d8b6da84ffbf7
squid-debugsource-5.2-1.el9_0.9.s390x.rpm SHA-256: 112f03ad40ab0c7a697836b69819ed2a08c5943d25f096230e723d60e5d8225a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.