Hi, I would recommend updating squid as soon as possible because of CVE-2023-50269. => https://nvd.nist.gov/vuln/detail/CVE-2023-50269 "...Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6..." As far as I can see, we don't use this feature, but... ;-) Jm2c, Matthias On 11.12.2023 20:41, Michael Tremer wrote: > Thank you for the patch and review. > > Is there any urgency here to include this in the update that is currently in testing? Considering that latest history of vulnerabilities in squid, I am happy to ship any fixes as soon as possible. > > -Michael > >> On 9 Dec 2023, at 22:05, Adolf Belka wrote: >> >> Reviewed-by: Adolf Belka >> >> On 09/12/2023 08:56, Matthias Fischer wrote: >>> For details see: >>> https://github.com/squid-cache/squid/commits/v6 >>> >>> Signed-off-by: Matthias Fischer >>> --- >>> lfs/squid | 4 ++-- >>> 1 file changed, 2 insertions(+), 2 deletions(-) >>> >>> diff --git a/lfs/squid b/lfs/squid >>> index d92341794..c0f465c16 100644 >>> --- a/lfs/squid >>> +++ b/lfs/squid >>> @@ -24,7 +24,7 @@ >>> include Config >>> -VER = 6.5 >>> +VER = 6.6 >>> THISAPP = squid-$(VER) >>> DL_FILE = $(THISAPP).tar.xz >>> @@ -46,7 +46,7 @@ objects = $(DL_FILE) >>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>> -$(DL_FILE)_BLAKE2 = 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de >>> +$(DL_FILE)_BLAKE2 = 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4ff4405d7963a643c6766344e6492505bc1b33f3040ad800b3d7a3ad6a4b067b031ac4d178ddcac04c6e74dc >>> install : $(TARGET) >>> >