Search squid archive

Re: Need squid latest version 4.13 RPM packaged files for centos7 and x86_64 architecture

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Mr. Negi

Reference to email received from Squid forum regarding Squid-4.13 release package by Mr. Amos Jeffries.

See below information. I am planning to upgrade my server by trying it soon

COPIED
........
On Sun, Aug 23, 2020 at 1:35 PM Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-4.13 release!


This release is a security release resolving several issues found in
the prior Squid releases.


The major changes to be aware of:

 * SQUID-2020:8 HTTP(S) Request Splitting
   (CVE-2020-15811)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the browser
cache and any downstream caches with content from an arbitrary
source.

See the advisory for patches:
 <https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv>


 * SQUID-2020:9 Denial of Service processing Cache Digest Response
   (CVE pending allocation)

This problem allows a trusted peer to deliver to perform Denial
of Service by consuming all available CPU cycles on the machine
running Squid when handling a crafted Cache Digest response
message.

This attack is limited to Squid using cache_peer with cache
digests feature.

See the advisory for patches:
 <https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg>


 * SQUID-2020:10 HTTP(S) Request Smuggling
   (CVE-2020-15810)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the proxy
cache and any downstream caches with content from an arbitrary
source.


See the advisory for patches:
 <https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m>


 * Bug 5051: Some collapsed revalidation responses never expire

This bug appears as a 4xx or 5xx status response becoming the only
response delivered by Squid to a URL when Collapsed Forwarding
feature is used.

It primarily affects Squid which are caching the 4xx/5xx status
object since Bug 5030 fix in Squid-4.11. But may have been
occurring for short times on any proxy with Collapsed Forwarding.



 * SSL-Bump: Support parsing GREASEd (and future) TLS handshakes

Chrome Browser intentionally sends random garbage values in the
TLS handshake to force TLS implementations to cope with future TLS
extensions cleanly. The changes in Squid-4.12 to disable TLS/1.3
caused our parser to be extra strict and reject this TLS garbage.

This release adds explicit support for Chrome, or any other TLS
agent performing these "GREASE" behaviours.


 * Honor on_unsupported_protocol for intercepted https_port

This behaviour was one of the intended use-cases for unsupported
protocol handling, but somehow was not enabled earlier.

Squid should now be able to perform the on_unsupported_protocol
selected action for any traffic handled by SSL-Bump.


  All users of Squid are urged to upgrade as soon as possible.


See the ChangeLog for the full list of changes in this and earlier
releases.

Please refer to the release notes at
http://www.squid-cache.org/Versions/v4/RELEASENOTES.html
when you are ready to make the switch to Squid-4

This new release can be downloaded from our HTTP or FTP servers

  http://www.squid-cache.org/Versions/v4/
  ftp://ftp.squid-cache.org/pub/squid/
  ftp://ftp.squid-cache.org/pub/archive/4/

or the mirrors. For a list of mirror sites see

  http://www.squid-cache.org/Download/http-mirrors.html
  http://www.squid-cache.org/Download/mirrors.html

If you encounter any issues with this release please file a bug report.
  http://bugs.squid-cache.org/


Amos Jeffries
_______________________________________________
squid-announce mailing list
squid-announce@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-announce


On Mon, Aug 24, 2020 at 9:07 AM <rahul.negi@xxxxxxxxxx> wrote:

Hi Team,

Can anyone please share squid latest stable version 4.13 RPM packaged  files for CentOS7  distribution and x86_64 architecture.

 

Thanks and Regards,

Rahul Negi

 

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users


--
With Regards,


Arsalan Hussain
Assistant Director, Networks & Information System

PRESTON UNIVERSITY
 

Complaining is finding faults, wisdom is finding solutions

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux