squid-3.5.20-2.el7
Errata ID: AXSA:2016-905:02
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.
Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.
Security issues fixed with this release:
CVE-2016-2569
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append
data to String objects, which allows remote servers to cause a denial
of service (assertion failure and daemon exit) via a long string, as
demonstrated by a crafted HTTP Vary header.
CVE-2016-2570
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x
before 4.0.7 does not check buffer limits during XML parsing, which
allows remote HTTP servers to cause a denial of service (assertion
failure and daemon exit) via a crafted XML document, related to
esi/CustomParser.cc and esi/CustomParser.h.
CVE-2016-2571
http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with
the storage of certain data after a response-parsing failure, which
allows remote HTTP servers to cause a denial of service (assertion
failure and daemon exit) via a malformed response.
CVE-2016-2572
http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after
a response-parsing failure, which allows remote HTTP servers to cause
a denial of service (assertion failure and daemon exit) via a
malformed response.
CVE-2016-3948
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds
checking, which allows remote attackers to cause a denial of service
via a crafted HTTP response, related to Vary headers.
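A quick way to map a running Squid against the thresholds in the five CVE descriptions above. This is an added example, not part of the errata; the fixed-version table is taken from the advisory text, and the "Squid Cache: Version x.y.z" banner format of `squid -v` is an assumption.

```python
"""Check a Squid version against the CVEs listed in this errata.

Added example, not part of the advisory. FIXED_IN is transcribed from the
CVE descriptions above ("3.x before X and 4.x before Y"); the banner line
format is assumed to match `squid -v` output.
"""
import re

# Per CVE: affected major branch -> first fixed upstream version.
FIXED_IN = {
    "CVE-2016-2569": {3: (3, 5, 15), 4: (4, 0, 7)},
    "CVE-2016-2570": {3: (3, 5, 15), 4: (4, 0, 7)},
    "CVE-2016-2571": {3: (3, 5, 15), 4: (4, 0, 7)},
    "CVE-2016-2572": {4: (4, 0, 7)},            # 4.x only per the advisory
    "CVE-2016-3948": {3: (3, 5, 16), 4: (4, 0, 8)},
}

# Assumed banner shape: "Squid Cache: Version 3.5.20"
VERSION_RE = re.compile(r"Squid Cache: Version (\d+)\.(\d+)\.(\d+)")


def parse_squid_version(banner: str):
    """Extract (major, minor, patch) from a `squid -v` banner line."""
    m = VERSION_RE.search(banner)
    if not m:
        raise ValueError("no Squid version found in banner")
    return tuple(int(x) for x in m.groups())


def affected_cves(version):
    """Return the CVEs from this errata that still affect `version`.

    Only the 3.x and 4.x branches named in the advisory are compared;
    any other branch yields no match rather than a guess.
    """
    major = version[0]
    hits = []
    for cve, branches in FIXED_IN.items():
        fixed = branches.get(major)
        if fixed is not None and version < fixed:
            hits.append(cve)
    return hits


if __name__ == "__main__":
    # Constructed sample banner, not captured from a real host.
    sample = "Squid Cache: Version 3.5.10"
    print(sample, "->", affected_cves(parse_squid_version(sample)))
```

For a distribution package the upstream number alone can understate the patch level, since fixes are often backported; compare the full package release (here squid-3.5.20-2.el7) against the errata as well.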
The following packages have been upgraded to a newer upstream version: squid (3.5.20).
Additional Changes:
Update packages.
N/A
SRPMS
- squid-3.5.20-2.el7.src.rpm
MD5: 81008a21bd4238627ce7b08d25019f95
SHA-256: 5df10a89f0567d2eeaed2015b5aa0f9ee9ac5f0af394f8cba136af398c88c08c
Size: 2.29 MB
Asianux Server 7 for x86_64
- squid-3.5.20-2.el7.x86_64.rpm
MD5: 64fe8717a21286df2a84dacb5090e6f1
SHA-256: e9b47d34d90afdffe459fd5d4d6cefb562f656c00106d5db1db113375b9b2c85
Size: 2.96 MB
- squid-migration-script-3.5.20-2.el7.x86_64.rpm
MD5: 595b8d70780591ab4b846f009ccac078
SHA-256: 7c054751101fc47fa5e754a01bb026024ff81854b1d3a4f057277184e40e9dd6
Size: 46.43 kB