Security analysts reported "55 Vulnerabilities in Squid Caching Proxy and 35 0days??"
-
Ref:
https://joshua.hu/squid-security-audit-35-0days-45-exploitsHas any redmines been created for these ?? WOW thats alot of issues.
-
@JonathanLee said in Security analysts reported "55 Vulnerabilities in Squid Caching Proxy and 35 0days??":
https://joshua.hu/squid-security-audit-35-0days-45-exploits
"All vulnerabilities were discovered in squid-5.0.5"
I show current package in pfsense to be 5.8.. The lastest is 5.9 in the 5 line, and 6.4 is current.
If anything I would think it should be updated to current, either in the 5.x or should prob move to 6.x
But not sure I would put out the red alert icons for a version that is not even being used..
-
@johnpoz is the Squid package going to get one last update? Or has this package died?
I am thinking about a raspberry pi 5 to run Squid on
-
@JonathanLee I have no idea - just a user like you, that spends way to much time here ;) And to be honest I don't use that package, so don't even normally pay attention to posts about.. I think you are the only one here trying to use squid ;)
-
@johnpoz thanks for the info, I always thought you worked for Netgate.
-
@JonathanLee no just a fan like any other here, I just been here so long they put me to "work" cleaning up spam - heheh, as a global mod on the forums.
If you see a tag with Admin - those guys are netgate people.
if you see like these
Those are netgate people.. I am not aware of anyone that is admin that is not a netgate person. But you might see people with netgate, that are not "admins" on the forum..
Your not the first one to make that mistake to be honest - which is why I added this to my profile many moons ago..
-
@johnpoz side note I finally found my invasive container it's on my 2019 Motorola g-power the thing is registering all sorts of Snort open AppID items I am not using, everything else on my network is matched to app use. It even saw Opera browser I don't even use that, alongside Snapchat, LinkedIn on and on even a bunch of Stripe payment service, and endless Skype. It was the smartphone.
