[CLSA-2025:1761844638] Fix CVE(s): CVE-2023-49288, CVE-2023-5824
Type:
security
Severity:
Important
Release date:
2025-10-30 18:04:01 UTC
Description:
* SECURITY UPDATE: excessive cached HTTP response header size causing worker process stall or crash
  - debian/patches/CVE-2023-5824.patch: Refactor serialized HTTP response header handling to prevent cache flow
  - CVE-2023-5824
* SECURITY UPDATE: Use-After-Free in the HTTP Collapsed Forwarding Feature
  - debian/patches/CVE-2023-5824.patch: Removed Use-After-Free during refactor serialized HTTP response header
  - CVE-2023-49288
Updated packages:
  • squid_4.6-1+deb10u10+tuxcare.els2_amd64.deb
    sha:61389a7d8d90e0c2aa552e6af168563d306e8180
  • squid-cgi_4.6-1+deb10u10+tuxcare.els2_amd64.deb
    sha:049bf2f62618327e6af0aafdcd85d199ecaa6530
  • squid-common_4.6-1+deb10u10+tuxcare.els2_all.deb
    sha:77a0b018cd96d82672259c29fcb1ee9991d408e7
  • squid-purge_4.6-1+deb10u10+tuxcare.els2_amd64.deb
    sha:9b7eb9d08a392679a227e4585c489e4486660f06
  • squid3_4.6-1+deb10u10+tuxcare.els2_all.deb
    sha:969e9b17da22c7ad343e60467ae66c757241d70f
  • squidclient_4.6-1+deb10u10+tuxcare.els2_amd64.deb
    sha:a026e9e0418d7c87ca49311681d3508ce5c5977e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.