Package "squid-common"

Name:	squid-common
Description:	Full featured Web Proxy cache (HTTP proxy) - common files
Latest version:	5.9-0ubuntu0.22.04.7
Release:	jammy (22.04)
Level:	updates
Repository:	main
Head package:	squid
Homepage:	http://www.squid-cache.org

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "squid-common"

All arch deb package

APT INSTALL

Other versions of "squid-common" in Jammy

Repository	Area	Version
base	main	5.2-1ubuntu4
security	main	5.9-0ubuntu0.22.04.7

Changelog

Version: 5.9-0ubuntu0.22.04.7 2026-06-16 20:07:33 UTC

Version: 5.9-0ubuntu0.22.04.7	2026-06-16 20:07:33 UTC
squid (5.9-0ubuntu0.22.04.7) jammy-security; urgency=medium * SECURITY UPDATE: Out-of-bounds Read attack against the FTP gateway - debian/patches/CVE-2026-47729.patch: Improve parsing of certain FTP directory listing formats in src/clients/FtpGateway.cc. - CVE-2026-47729 * SECURITY UPDATE: Heap-based Buffer Overflow attack against cache digests - debian/patches/CVE-2026-50012-1.patch: Harden peerDigestSwapInMask against invalid cache digest reply in src/peer_digest.cc. - debian/patches/CVE-2026-50012-2.patch: Fix -Wsign-compare on arm32 in src/peer_digest.cc. - CVE-2026-50012 -- Marc Deslauriers <email address hidden> Sat, 13 Jun 2026 10:32:21 -0400
Source diff to previous version

squid (5.9-0ubuntu0.22.04.7) jammy-security; urgency=medium * SECURITY UPDATE: Out-of-bounds Read attack against the FTP gateway - debian/patches/CVE-2026-47729.patch: Improve parsing of certain FTP directory listing formats in src/clients/FtpGateway.cc. - CVE-2026-47729 * SECURITY UPDATE: Heap-based Buffer Overflow attack against cache digests - debian/patches/CVE-2026-50012-1.patch: Harden peerDigestSwapInMask against invalid cache digest reply in src/peer_digest.cc. - debian/patches/CVE-2026-50012-2.patch: Fix -Wsign-compare on arm32 in src/peer_digest.cc. - CVE-2026-50012 -- Marc Deslauriers <email address hidden> Sat, 13 Jun 2026 10:32:21 -0400

Source diff to previous version

Version: 5.9-0ubuntu0.22.04.5 2026-04-09 05:09:43 UTC

squid (5.9-0ubuntu0.22.04.5) jammy-security; urgency=medium * SECURITY UPDATE: use-after-free via ICP protocol - debian/patches/CVE-2026-32748.patch: fix HttpRequest lifetime for ICP v3 queries in src/ICP.h, src/icp_v2.cc, src/icp_v3.cc, src/tests/stub_icp.cc. - CVE-2026-32748 * SECURITY UPDATE: out-of-bounds read via ICP protocol - debian/patches/CVE-2026-33515.patch: fix validation of packet sizes and URLs in src/ICP.h, src/icp_v2.cc, src/icp_v3.cc, src/tests/stub_icp.cc. - CVE-2026-33515 * SECURITY UPDATE: use-after-free via ICP protocol - debian/patches/CVE-2026-33526.patch: do not escape malformed URI twice when sending ICP errors in src/icp_v2.cc. - CVE-2026-33526 -- Marc Deslauriers <email address hidden> Thu, 02 Apr 2026 14:27:26 -0400

Source diff to previous version

CVE-2026-32748	Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bug
CVE-2026-33515	Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling
CVE-2026-33526	Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP tr

Version: 5.9-0ubuntu0.22.04.4 2025-10-29 15:07:28 UTC

squid (5.9-0ubuntu0.22.04.4) jammy-security; urgency=medium * SECURITY UPDATE: HTTP Authentication credential leak - debian/patches/CVE-2025-62168.patch: Add maskSensitiveInfo parameter to pack and pass it to packInto in src/HttpRequest.cc. Add maskSensitiveInfo to pack in src/HttpRequest.h. Adapt code with new parameter in src/client_side_reply.cc, and src/errorpage.cc. Remove request_hdr NULL assign in src/errorpage.h. - CVE-2025-62168 -- Hlib Korzhynskyy <email address hidden> Mon, 27 Oct 2025 12:58:52 -0230

Source diff to previous version

CVE-2025-62168

Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows in

Version: 5.9-0ubuntu0.22.04.3 2025-10-06 19:07:27 UTC

squid (5.9-0ubuntu0.22.04.3) jammy-security; urgency=medium * SECURITY UPDATE: ASN.1 encoding mishandling - debian/patches/CVE-2025-59362.patch: fix ASN.1 encoding of long SNMP OIDs in lib/snmplib/asn1.c. - CVE-2025-59362 -- Marc Deslauriers <email address hidden> Fri, 03 Oct 2025 09:35:24 -0400

Source diff to previous version

CVE-2025-59362

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.

Version: 5.9-0ubuntu0.22.04.2 2024-07-22 13:07:03 UTC

squid (5.9-0ubuntu0.22.04.2) jammy-security; urgency=medium * SECURITY UPDATE: DoS in ESI processing using multi-byte characters - debian/patches/CVE-2024-37894.patch: fix variable datatype to handle variables names outside standard ASCII characters - CVE-2024-37894 -- Vyom Yadav <email address hidden> Tue, 09 Jul 2024 15:49:37 +0530

CVE-2024-37894

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid i

About - Send Feedback to @ubuntu_updates

Package "squid-common"

Links

Download "squid-common"

Other versions of "squid-common" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

updates

PPA updates