Debian Security Advisory
DSA-4873-1 squid -- security update
- Date Reported:
- 23 Mar 2021
- Affected Packages:
- squid
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 985068.
In Mitre's CVE dictionary: CVE-2020-25097. - More information:
-
Jianjun Chen discovered that the Squid proxy caching server was susceptible to HTTP request smuggling.
For the stable distribution (buster), this problem has been fixed in version 4.6-1+deb10u5.
We recommend that you upgrade your squid packages.
For the detailed security status of squid please refer to its security tracker page at: https://security-tracker.debian.org/tracker/squid