Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 20.04 LTS USN-6728-2 Critical: Squid Regression Issues

ubuntu
Calendar Grey April 11, 2024
Dist Ubuntu Esm H88
Ubuntu Security Alert USN-6729-1 addresses a critical issue in OpenSSL, impacting Ubuntu 18.04 with potential data exposure.
USN-6728-1 introduced a regression in Squid.

Summary

USN-6728-1 introduced a regression in Squid.

Software Description:

- squid: Web proxy cache server

Details:

USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused

Squid to crash in certain environments on Ubuntu 20.04 LTS. The problematic

fix has been reverted pending further investigation.

We apologize for the inconvenience.

Original advisory details:

Joshua Rogers discovered that Squid incorrectly handled collapsed

forwarding. A remote attacker could possibly use this issue to cause Squid

to crash, resulting in a denial of service. This issue only affected Ubuntu

20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288)

Joshua Rogers discovered that Squid incorrectly handled certain structural

elements. A remote attacker could possibly use this issue to cause Squid to

crash, resulting in a denial of service. (CVE-2023-5824)

Joshua Rogers discovered that Squid incorrectly handled Cache Manager error

responses. A remote ...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   squid                           4.10-1ubuntu1.11

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6728-2

https://ubuntu.com/security/notices/USN-6728-1

https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6728-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here