Squid Proxy Server 5.2 Bugfix Release Now Available

Squid is one of the most popular proxy/cache servers. The new v5.2 fixes several vulnerabilities and bugs found in prior Squid releases.

Squid is a widely-used caching proxy server for Linux and Unix platforms. This means that it stores requested Internet objects, such as data on a Web or FTP server, on a machine that is closer to the requesting workstation than the server.

In other words, it redirects object requests from clients (in this case, from Web browsers) to the server.

Proxies provide added layers of security and cache services that make loading processes faster. Squid supports several caching protocols, such as the Hypertext Caching Protocol (HTCP), Internet Cache Protocol (ICP), Cache Array Routing Protocol (CARP), and Web Cache Communication Protocol (WCCP). It also processes caching requests from Domain Name System (DNS) lookups and Secure Sockets Layer (SSL).

Now that a new version has been announced, let’s see what has changed in Squid 5.2.

Squid 5.2 Highlights

As already mentioned, Squid 5.2 is a security release resolving several vulnerabilities and bugs found in the prior Squid releases.

Due to an out-of-bounds memory access, Squid is vulnerable to an information leak when processing WCCPv2 (Web Cache Communication Protocol) messages. This problem allows a WCCPv2 sender to corrupt Squid's list of known WCCP routers and divert client traffic to attacker-controlled routers.

The attack is limited to Squid proxies that have WCCPv2 enabled, and it requires spoofing the IP address of a router configured as trusted in squid.conf. Squid 5.2 fixes this issue.
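An exposure check for the WCCPv2 conditions described above, as an added example rather than code from the article or the Squid project. It assumes the version banner printed by `squid -v` and a single squid.conf without `include` files; the sample configuration is constructed.

```python
import re

# Constructed sample configuration, not taken from the article.
SAMPLE_CONF = """\
http_port 3128
# wccp2_router 192.0.2.1
wccp2_router 192.0.2.10
wccp2_router 192.0.2.11
"""

FIXED = (5, 2)  # the release the article names as carrying the fix


def wccp2_routers(conf_text):
    """Return router addresses from active wccp2_router lines."""
    routers = []
    for line in conf_text.splitlines():
        # Assumption: text after '#' is a comment and is ignored.
        tokens = line.split("#", 1)[0].split()
        if tokens and tokens[0] == "wccp2_router":
            routers.extend(tokens[1:])
    return routers


def parse_version(banner):
    """Extract (major, minor) from a banner such as 'Squid Cache: Version 5.1'."""
    m = re.search(r"Version (\d+)\.(\d+)", banner)
    return (int(m.group(1)), int(m.group(2))) if m else None


def assess(banner, conf_text):
    """Return (status, routers) for the WCCPv2 issue described above."""
    routers = wccp2_routers(conf_text)
    if not routers:
        return "not-exposed", routers   # WCCPv2 is off without a router
    version = parse_version(banner)
    if version is not None and version >= FIXED:
        return "fixed", routers
    if version is not None and version[0] == 5:
        return "exposed", routers       # 5.x older than 5.2 with WCCPv2 on
    return "unknown", routers           # article names no fix for this series


if __name__ == "__main__":
    print(assess("Squid Cache: Version 5.1", SAMPLE_CONF))
```

The returned router list is the set of addresses whose spoofing the article describes, so it also tells you which peers to protect with anti-spoofing filters until the upgrade is in place.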

Furthermore, improper validation of TLS server certificates has been fixed in the latest version. This problem allows a remote server to obtain security trust when that trust is not valid. The indication of trust may then be passed along to clients, allowing access to unsafe or hijacked services.

As for the bug fixes, since v3.5 Squid has incorrectly truncated FTP downloads when the transfer is made in ASCII mode (with the ;type= argument). With this release, downloads can be expected to work from all FTP servers.

For more information about all changes in the new version, you can refer to the Squid 5.2 release notes or you can visit the project’s website.

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.
