Fedora alert FEDORA-2026-c0590bd498 (squid)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 44 Update: squid-7.5-1.fc44 | |
| Date: | Wed, 06 May 2026 00:51:16 +0000 | |
| Message-ID: | <20260506005116.48F177655D@bastion01.rdu3.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c0590bd498 2026-05-06 00:48:51.045777+00:00 -------------------------------------------------------------------------------- Name : squid Product : Fedora 44 Version : 7.5 Release : 1.fc44 URL : http://www.squid-cache.org Summary : The Squid proxy caching server Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. -------------------------------------------------------------------------------- Update Information: new version 7.5 security update -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2026 Luboš Uhliarik <luhliari@redhat.com> - 7:7.5-1 - new version 7.5 - Add tmpfiles.d rules for /var directories (bootc compatibility) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2431445 - squid-7.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2431445 [ 2 ] Bug #2451599 - CVE-2026-33526 squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2451599 [ 3 ] Bug #2451601 - CVE-2026-32748 squid: Squid: Denial of Service via crafted ICP traffic [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2451601 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c0590bd498' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
Attachment: None (type=text/plain)
-- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new