Issued:: 2025-11-10
Updated:: 2025-11-10

RHSA-2025:19967 - Security Advisory

Overview
Updated Packages

Synopsis

Important: squid:4 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects.

Security Fix(es):

squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling (CVE-2025-62168)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2404736 - CVE-2025-62168 squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling

CVEs

CVE-2025-62168

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.src.rpm	SHA-256: 2f43b6316609e9a09ecea6e01089d7d886d0024c1eae28f1c31d87670992f7ff
squid-4.4-8.module+el8.2.0+23601+6cdb820c.11.src.rpm	SHA-256: dbb0cc53e64bc6af08c778ec5e3853793a4814628fadb0dcca417cf8424068b1
x86_64
libecap-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: d9d61e2135b220b3d61ae42ef3168afe872f28e6ba90ec1e7c12f99ee0cd09bf
libecap-debuginfo-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: fcf34d948d19d8ceec11c33bfbd410918882c1e2d5f98d317d47f40935a8beca
libecap-debugsource-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: 3a323f9bd1ce4c4fdba3eed2f8c5ab67ef86553708394d3ef6c55c579d339c60
libecap-devel-1.0.1-2.module+el8.1.0+4044+36416a77.x86_64.rpm	SHA-256: 1b13a8613f81f5551073df17797db405c70acc0e332bbc915d50459e2e7f4530
squid-4.4-8.module+el8.2.0+23601+6cdb820c.11.x86_64.rpm	SHA-256: 53565f0ed8a722dc21338aaff958f583d19728f5c3bbef1ca981f23b4f6f9922
squid-debuginfo-4.4-8.module+el8.2.0+23601+6cdb820c.11.x86_64.rpm	SHA-256: 5730cc32bf8ed38effc045a6b8ff8b011743df321de8dbaa09a2de9bccf49c98
squid-debugsource-4.4-8.module+el8.2.0+23601+6cdb820c.11.x86_64.rpm	SHA-256: f67abca25c073e0fe54f5edff7477817e9308e878f774d7bc611a223d8c67cdd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation