diff -Nru varnish-6.6.1/debian/changelog varnish-6.6.1/debian/changelog
--- varnish-6.6.1/debian/changelog 2021-09-18 19:30:25.000000000 +0100
+++ varnish-6.6.1/debian/changelog 2022-05-04 23:19:23.000000000 +0100
@@ -1,3 +1,10 @@
+varnish (6.6.1-1ubuntu0.1) jammy-security; urgency=medium
+
+ * SECURITY UPDATE: CVE-2022-23959 (LP: #1971504)
+ - debian/patches/CVE-2022-23959.patch: New patch from tag varnish-6.6.2 in upstream GitHub.
+
+ -- Luís Infante da Câmara Wed, 04 May 2022 23:19:23 +0100
+
 varnish (6.6.1-1) unstable; urgency=medium
 
 * New upstream release
diff -Nru varnish-6.6.1/debian/patches/CVE-2022-23959.patch varnish-6.6.1/debian/patches/CVE-2022-23959.patch
--- varnish-6.6.1/debian/patches/CVE-2022-23959.patch 1970-01-01 01:00:00.000000000 +0100
+++ varnish-6.6.1/debian/patches/CVE-2022-23959.patch 2022-05-04 23:18:47.000000000 +0100
@@ -0,0 +1,13 @@
+diff --git a/bin/varnishd/cache/cache_req_body.c b/bin/varnishd/cache/cache_req_body.c
+index f4eedc1f5..7f0712a14 100644
+--- a/bin/varnishd/cache/cache_req_body.c
++++ b/bin/varnishd/cache/cache_req_body.c
+@@ -251,6 +251,8 @@ VRB_Ignore(struct req *req)
+ if (req->req_body_status->avail > 0)
+ (void)VRB_Iterate(req->wrk, req->vsl, req,
+ httpq_req_body_discard, NULL);
++ if (req->req_body_status == BS_ERROR)
++ req->doclose = SC_RX_BODY;
+ return (0);
+ }
+
diff -Nru varnish-6.6.1/debian/patches/series varnish-6.6.1/debian/patches/series
--- varnish-6.6.1/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ varnish-6.6.1/debian/patches/series 2022-05-04 23:19:23.000000000 +0100
@@ -0,0 +1 @@
+CVE-2022-23959.patch
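Review bot: The new debian/patches/CVE-2022-23959.patch begins directly at `diff --git` with no DEP-3 header, so the only provenance for this security fix is the changelog's "tag varnish-6.6.2"; add `Origin: upstream, <URL of the upstream commit>` and `Bug-Ubuntu: https://bugs.launchpad.net/bugs/1971504` above the diff so the backport can be compared with upstream. In the C change, the added check in VRB_Ignore relies on VRB_Iterate, whose return value is discarded, having left `req->req_body_status` at `BS_ERROR` on every failed drain; those paths are outside the hunk and are worth confirming against the 6.6.1 tree. A comment above the new `if` would record the reason, presumably `/* body not fully drained: close the connection so leftover bytes are not parsed as the next request */`. VRB_Ignore starts before the quoted context, and no regression test accompanies the patch in this upload.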