Hello, Recently i have seen some Cache poisoning specially on android captive portal detection sites . My squid was 3.5.19 (from https://packages.debian.org/stretch/squid) on Ubuntu Linux 16.04 . Then i have upgraded to latest version 3.5.23 (from https://packages.debian.org/stretch/squid) and purged specific pages but again i can see cache poisoning on same pages . http://connectivitycheck.gstatic.com/generate_204 http://clients3.google.com/generate_204 http://172.217.20.206/generate_204 http://clients1.google.com/generate_204 http://google.com/generate_204 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Cache-poisoning-vulnerability-3-5-23-tp4683215.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users