AVG-1667 log

Package	squid
Status	Fixed
Severity	High
Type	multiple issues
Affected	5.1-1
Fixed	5.2-1
Current	7.3-1 [extra]
Ticket	None
Created	Wed Mar 10 08:01:16 2021

Issue	Severity	Remote	Type	Description
CVE-2021-41611	High	Yes	Certificate verification bypass	When validating an origin server or peer certificate, Squid 5 before version 5.2 may incorrectly classify certain certificates as trusted. This problem...
CVE-2021-28116	High	Yes	Information disclosure	Squid before version 5.2, in some configurations, allows information disclosure because of an out-of-bounds read in WCCPv2 protocol data. This problem...

Issue

Severity

Remote

Type

Description

CVE-2021-41611

High

Yes

Certificate verification bypass

When validating an origin server or peer certificate, Squid 5 before version 5.2 may incorrectly classify certain certificates as trusted. This problem...

CVE-2021-28116

High

Yes

Information disclosure

Squid before version 5.2, in some configurations, allows information disclosure because of an out-of-bounds read in WCCPv2 protocol data. This problem...