Lucene search
RedHatRHSA-2014:1147HistorySep 03, 2014 - 12:00 a.m.
(RHSA-2014:1147) Important: squid security update
2014-09-0300:00:00
access.redhat.com
22
0.958 High
EPSS
Percentile
99.4%
Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.
A flaw was found in the way Squid handled malformed HTTP Range headers.
A remote attacker able to send HTTP requests to the Squid proxy could use
this flaw to crash Squid. (CVE-2014-3609)
Red Hat would like to thank the Squid project for reporting this issue.
Upstream acknowledges Matthew Daley as the original reporter.
All Squid users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the squid service will be restarted automatically.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | s390x | squid | < 3.3.8-12.el7_0 | squid-3.3.8-12.el7_0.s390x.rpm |
| RedHat | 7 | x86_64 | squid-sysvinit | < 3.3.8-12.el7_0 | squid-sysvinit-3.3.8-12.el7_0.x86_64.rpm |
| RedHat | 7 | x86_64 | squid | < 3.3.8-12.el7_0 | squid-3.3.8-12.el7_0.x86_64.rpm |
| RedHat | 7 | ppc64 | squid-sysvinit | < 3.3.8-12.el7_0 | squid-sysvinit-3.3.8-12.el7_0.ppc64.rpm |
| RedHat | 7 | s390x | squid-debuginfo | < 3.3.8-12.el7_0 | squid-debuginfo-3.3.8-12.el7_0.s390x.rpm |
| RedHat | 7 | s390x | squid-sysvinit | < 3.3.8-12.el7_0 | squid-sysvinit-3.3.8-12.el7_0.s390x.rpm |
| RedHat | 7 | ppc64 | squid | < 3.3.8-12.el7_0 | squid-3.3.8-12.el7_0.ppc64.rpm |
| RedHat | 7 | ppc64 | squid-debuginfo | < 3.3.8-12.el7_0 | squid-debuginfo-3.3.8-12.el7_0.ppc64.rpm |
| RedHat | 7 | x86_64 | squid-debuginfo | < 3.3.8-12.el7_0 | squid-debuginfo-3.3.8-12.el7_0.x86_64.rpm |
| RedHat | 7 | src | squid | < 3.3.8-12.el7_0 | squid-3.3.8-12.el7_0.src.rpm |
Related
nessus
nessus
SuSE 11.3 Security Update : squid3 (SAT Patch Number 9729)
2014-09-18 00:00:00
RHEL 7 : squid (RHSA-2014:1147)
2014-09-04 00:00:00
Mandriva Linux Security Advisory : squid (MDVSA-2014:177)
2014-09-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3139-1)
2015-01-24 00:00:00
Debian: Security Advisory (DSA-3014-1)
2014-08-27 00:00:00
Debian Security Advisory DSA 3139-1 (squid - security update)
2015-01-25 00:00:00
cve
cve
CVE-2014-3609
2014-09-11 18:55:05
debian
debian
[SECURITY] [DSA 3139-1] squid security update
2015-01-25 16:37:50
[SECURITY] [DSA 3014-1] squid3 security update
2014-08-28 15:36:10
[SECURITY] [DSA 3139-1] squid security update
2015-01-25 16:37:50
fedora
fedora
[SECURITY] Fedora 20 Update: squid-3.3.13-1.fc20
2014-09-05 22:21:00
[SECURITY] Fedora 21 Update: squid-3.4.7-1.fc21
2014-09-23 04:45:05
[SECURITY] Fedora 20 Update: squid-3.3.13-2.fc20
2014-10-14 04:46:09
ubuntu
ubuntu
Squid 3 vulnerability
2014-08-28 00:00:00
osv
osv
squid3 - security update
2014-08-28 00:00:00
squid - security update
2015-05-01 00:00:00
squid3 - security update
2014-09-04 00:00:00
prion
prion
Design/Logic Flaw
2014-09-11 18:55:00
oraclelinux
oraclelinux
squid security update
2014-09-03 00:00:00
squid security update
2014-09-03 00:00:00
mageia
mageia
Updated squid packages fix CVE-2014-3609
2014-09-05 13:07:37
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:11:40
centos
centos
squid security update
2014-09-03 23:09:15
squid security update
2014-09-03 23:16:08
securityvulns
securityvulns
squid DoS
2014-09-02 00:00:00
[SECURITY] [DSA 3014-1] squid3 security update
2014-09-02 00:00:00
cvelist
cvelist
CVE-2014-3609
2014-09-11 18:00:00
suse
suse
Security update for squid3 (important)
2014-09-18 00:05:25
ubuntucve
ubuntucve
CVE-2014-3609
2014-08-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Squid Range Header Denial of Service (CVE-2014-3609)
2014-09-22 00:00:00
nvd
nvd
CVE-2014-3609
2014-09-11 18:55:05
debiancve
debiancve
CVE-2014-3609
2014-09-11 18:55:05
amazon
amazon
Important: squid
2014-09-17 21:47:00
Important: squid
2014-10-22 20:04:00
redhat
redhat
(RHSA-2014:1148) Important: squid security update
2014-09-03 00:00:00