Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu: Squid Important Information Disclosure USN-7845-1 CVE-2025-62168

ubuntu
Calendar Grey October 28, 2025
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-7845-1 addresses Squid vulnerability allowing unintended network access to sensitive information.
Squid would allow unintended access to sensitive information over the network.

Summary

Squid would allow unintended access to sensitive information over the

network.

Software Description:

- squid: Web proxy cache server

- squid3: Web proxy cache server

Details:

Leonardo Giovannini discovered that Squid failed to redact HTTP

Authentication credentials in a default configuration. An attacker could

possibly use this issue to obtain sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  squid                           6.13-1ubuntu4.1

Ubuntu 25.04
  squid                           6.13-1ubuntu1.2

Ubuntu 24.04 LTS
  squid                           6.13-0ubuntu0.24.04.3

Ubuntu 22.04 LTS
  squid                           5.9-0ubuntu0.22.04.4

Ubuntu 20.04 LTS
  squid                           4.10-1ubuntu1.13+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  squid                           3.5.27-1ubuntu1.14+esm4
                                  Available with Ubuntu Pro
  squid3                          3.5.27-1ubuntu1.14+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  squid                           3.5.12-1ubuntu7.16+esm5
                                  Available with Ubuntu Pro
  squid3                          3.5.12-1ubuntu7.16+esm5
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7845-1

CVE-2025-62168

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7845-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here