Multiple vulnerabilities have been found in Squid which allow for remote Denial of Service attacks.
Package | net-proxy/squid on all architectures |
---|---|
Affected versions | < 2.7.6 |
Unaffected versions | >= 2.7.6 |
Squid is a full-featured web proxy cache.
The issues allows for Denial of Service attacks against the service via an HTTP request with an invalid version number and other specially crafted requests.
There is no known workaround at this time.
All Squid users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-proxy/squid-2.7.6"