Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2025:0004

Issued: 2025-01-10
Updated: 2025-01-10

Summary

squid security update

Severity

Important

Description

Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:

CVE-2023-46846:
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

References

Updated Packages