| Package | squid3 |
|---|---|
| Version | 3.5.23-5+deb8u4 |
| Related CVEs | CVE-2021-28651 CVE-2021-28652 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 |
Joshua Rogers discovered several vulnerabilities in Squid, a proxy caching server. An attacker could cause Denial of Service (DoS).
-
CVE-2021-28651
Denial of Service in URN processing.
-
CVE-2021-28652
Denial of Service issue in Cache Manager.
-
CVE-2021-31806, CVE-2021-31807, CVE-2021-31808
Multiple Issues in HTTP Range header.
-
CVE-2021-33620
Denial of Service in HTTP Response processing.
For Debian 8 jessie, these problems have been fixed in version 3.5.23-5+deb8u4.
We recommend that you upgrade your squid3 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.