ELSA-2026-8880 - squid security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2026-05-19 |
Description
[7:3.5.20-17.0.11.13]
- Security update for CVE-2026-32748 CVE-2026-33526 [Orabug: 39230173]
[7:3.5.20-17.0.9.13]
- Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via
- authentication credential leakage in error handling [Orabug: 38587551]
[7:3.5.20-17.0.7.13]
- Fixes CVE-2025-54574, add URN access disabling config options [Orabug: 38350105]
[7:3.5.20-17.0.5.13]
- Fixed cve 2023-46846 for http and icap request/response smuggling [Orabug: 37326730]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 7 (x86_64) | squid-3.5.20-17.0.11.el7_9.13.src.rpm | 8c44772106e617d5cb73e5b4f077832685aacb5c04543fc78c9b1bad811a3a9e | - | ol7_x86_64_latest_ELS |
| squid-3.5.20-17.0.11.el7_9.13.x86_64.rpm | 47053e79f583fffc63e715c043e2a2c3a4bc307cdfeb69fa3c1142bac96c581d | - | ol7_x86_64_latest_ELS |
| squid-migration-script-3.5.20-17.0.11.el7_9.13.x86_64.rpm | 89fe3fa760c192fc501030e3eccb5b2b5a5a85ae7769d39d5b9099eca1f0df2d | - | ol7_x86_64_latest_ELS |
| squid-sysvinit-3.5.20-17.0.11.el7_9.13.x86_64.rpm | 9843f35816b1258c4e4f852ea7c3848911ede9cb2cd29ada0f3c02406deb550d | - | ol7_x86_64_latest_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
