Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Security analysts reported "55 Vulnerabilities in Squid Caching Proxy and 35 0days??"

    Scheduled Pinned Locked Moved Cache/Proxy
    7 Posts 2 Posters 772 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JonathanLeeJ
      JonathanLee
      last edited by JonathanLee

      🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨

      Ref:
      https://joshua.hu/squid-security-audit-35-0days-45-exploits

      Has any redmines been created for these ?? WOW thats alot of issues.

      🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨 🚨

      Make sure to upvote

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @JonathanLee
        last edited by

        @JonathanLee said in Security analysts reported "55 Vulnerabilities in Squid Caching Proxy and 35 0days??":

        https://joshua.hu/squid-security-audit-35-0days-45-exploits

        "All vulnerabilities were discovered in squid-5.0.5"

        I show current package in pfsense to be 5.8.. The lastest is 5.9 in the 5 line, and 6.4 is current.

        If anything I would think it should be updated to current, either in the 5.x or should prob move to 6.x

        But not sure I would put out the red alert icons for a version that is not even being used..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        JonathanLeeJ 1 Reply Last reply Reply Quote 2
        • JonathanLeeJ
          JonathanLee @johnpoz
          last edited by

          @johnpoz is the Squid package going to get one last update? Or has this package died?

          I am thinking about a raspberry pi 5 to run Squid on

          Make sure to upvote

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @JonathanLee
            last edited by

            @JonathanLee I have no idea - just a user like you, that spends way to much time here ;) And to be honest I don't use that package, so don't even normally pay attention to posts about.. I think you are the only one here trying to use squid ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            JonathanLeeJ 1 Reply Last reply Reply Quote 2
            • JonathanLeeJ
              JonathanLee @johnpoz
              last edited by

              @johnpoz thanks for the info, I always thought you worked for Netgate.

              Make sure to upvote

              johnpozJ 1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator @JonathanLee
                last edited by johnpoz

                @JonathanLee no just a fan like any other here, I just been here so long they put me to "work" cleaning up spam - heheh, as a global mod on the forums.

                If you see a tag with Admin - those guys are netgate people.

                if you see like these

                admin.jpg

                Those are netgate people.. I am not aware of anyone that is admin that is not a netgate person. But you might see people with netgate, that are not "admins" on the forum..

                Your not the first one to make that mistake to be honest - which is why I added this to my profile many moons ago..

                comeup.jpg

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                JonathanLeeJ 1 Reply Last reply Reply Quote 1
                • JonathanLeeJ
                  JonathanLee @johnpoz
                  last edited by

                  @johnpoz side note I finally found my invasive container it's on my 2019 Motorola g-power the thing is registering all sorts of Snort open AppID items I am not using, everything else on my network is matched to app use. It even saw Opera browser I don't even use that, alongside Snapchat, LinkedIn on and on even a bunch of Stripe payment service, and endless Skype. It was the smartphone.

                  Make sure to upvote

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.