HCE2-SA-2024-0298 Important HCE 2.0 Security Fix(es): Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack. (CVE-2024-37894) Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid version 6.8. In addition, patches addressing this problem for the stable releases can be found in Squid_x27;s patch archives. There is no workaround for this issue. (CVE-2024-25111) HCE 2.0 squid-4.9-24.r2.hce2.aarch64.rpm squid-4.9-24.r2.hce2.x86_64.rpm