An update for squid is now available for openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1798 Final 1.0 1.0 2026-04-03 Initial 2026-04-03 2026-04-03 openEuler SA Tool V1.0 2026-04-03 squid security update An update for squid is now available for openEuler-20.03-LTS-SP4 Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fix(es): Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.(CVE-2026-33515) Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.(CVE-2026-33526) An update for squid is now available for openEuler-20.03-LTS-SP4. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical squid https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1798 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-33515 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-33526 https://nvd.nist.gov/vuln/detail/CVE-2026-33515 https://nvd.nist.gov/vuln/detail/CVE-2026-33526 openEuler-20.03-LTS-SP4 squid-4.9-26.oe2003sp4.aarch64.rpm squid-debuginfo-4.9-26.oe2003sp4.aarch64.rpm squid-debugsource-4.9-26.oe2003sp4.aarch64.rpm squid-4.9-26.oe2003sp4.src.rpm squid-4.9-26.oe2003sp4.x86_64.rpm squid-debuginfo-4.9-26.oe2003sp4.x86_64.rpm squid-debugsource-4.9-26.oe2003sp4.x86_64.rpm Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch. 2026-04-03 CVE-2026-33515 openEuler-20.03-LTS-SP4 Medium 6.9 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N squid security update 2026-04-03 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1798 Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem _cannot_ be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch. 2026-04-03 CVE-2026-33526 openEuler-20.03-LTS-SP4 Critical 9.2 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H squid security update 2026-04-03 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1798