Un problème a été découvert dans Squid avant 4.10. En raison de la gestion de la mémoire tampon incorrecte, un client distant peut provoquer un débordement de mémoire tampon dans une instance Squid agissant comme proxy inverse.
https://www.debian.org/security/2020/dsa-4682
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/
https://security.gentoo.org/glsa/202003-34
http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch
http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch
http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch
http://www.squid-cache.org/Versions/v4/changesets/squid-4-d8e4715992d0e530871519549add5519cbac0598.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html
https://usn.ubuntu.com/4289-1/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8450
