squid:4 security update
エラータID: AXSA:2026-463:01
リリース日:
2026/04/19 Sunday - 14:05
題名:
squid:4 security update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Squid には、メモリ領域の解放後利用の問題があるため、リモート
の攻撃者により、サービス拒否攻撃 (DoS) を可能とする脆弱性が存在
します。(CVE-2026-32748)
- Squid には、メモリ領域の解放後利用の問題があるため、リモートの
攻撃者により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2026-33526)
Modularity name: squid
Stream name: 4
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2026-32748
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5.
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. This bug is fixed in Squid version 7.5.
CVE-2026-33526
Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.
Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.
追加情報:
N/A
ダウンロード:
SRPMS
- libecap-1.0.1-2.module+el8+1973+602a2ddd.src.rpm
MD5: 95c4c125105f8f605aa52f7d42883ee1
SHA-256: 9a58d2d0b3f9fbdb7784ee94ba00702ec4c79de6ff1ea246b11cb577740610cd
Size: 343.56 kB - squid-4.15-10.module+el8+1973+602a2ddd.11.src.rpm
MD5: a1302285075e166b478e835dc56c8ecd
SHA-256: dd64e6c3ccdf89354652f31de0ef584240cb302a7a313736cdf7ce9390cdf70f
Size: 2.52 MB
Asianux Server 8 for x86_64
- libecap-1.0.1-2.module+el8+1973+602a2ddd.x86_64.rpm
MD5: 327fb272dbce2e8372cfacf958078001
SHA-256: e5703b2e5aad4c86fbb30cce4dfc1faf4b1d56fd461c0e707275f2c5f6c2145b
Size: 27.74 kB - libecap-debugsource-1.0.1-2.module+el8+1973+602a2ddd.x86_64.rpm
MD5: 2df93d944e442e4d1c352fe1b18d0f23
SHA-256: f22bb6f2ef73843109c4587725f3130d480a5b15d3cf5f8c3a94cd689b69333a
Size: 18.90 kB - libecap-devel-1.0.1-2.module+el8+1973+602a2ddd.x86_64.rpm
MD5: dbc5555d1b85e9080d782a6f59cb167b
SHA-256: 52fb63766d1fa2ff14fc85a2fc19ac77cace45539239da973b2bd0504ffded10
Size: 20.44 kB - squid-4.15-10.module+el8+1973+602a2ddd.11.x86_64.rpm
MD5: 4ca88ee38385f77840e644e03ebec0be
SHA-256: 1c393c076701019cc73b68da31adfdff41ed4df034870ca3d77878239486496e
Size: 3.35 MB - squid-debugsource-4.15-10.module+el8+1973+602a2ddd.11.x86_64.rpm
MD5: a4aa9f2bcbc749fe51903e3dd78b5c4f
SHA-256: 9a13b8079940af49049961511c25044bcde26592ba1a7905801d9bff5e3568cf
Size: 1.71 MB
English