varnish 6.2.1-2ubuntu0.1 source package in Ubuntu
Changelog
varnish (6.2.1-2ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Sensitive Information Disclosure
- debian/patches/CVE-2019-20637.patch: Clear err_code and err_reason at
start of request handling. (LP: #1971504, LP: #1939281)
CVE-2019-20637
* SECURITY UPDATE: Assertion failure
- debian/patches/CVE-2020-11653.patch: Take sizeof pool_task into account
when reserving WS in SES_Wait. (LP: #1971504, LP: #1939281)
CVE-2020-11653
* SECURITY UPDATE: HTTP Request Smuggling
- debian/patches/CVE-2021-36740.patch: Take content length into
account on H/2 request bodies. (LP: #1971504, LP: #1939281)
- debian/patches/CVE-2022-23959.patch: Mark req doclose when failing
to ignore req body. (LP: #1971504, LP: #1939281)
CVE-2021-36740
CVE-2022-23959
* Additions fixes
- debian/patches/WS_ReserveAll.patch: Add WS_ReserveAll to replace
WS_Reserve(ws, 0).
- debian/patches/WS_ReserveSize.patch: Deprecate WS_Reserve() and replace
it with WS_ReserveSize().
-- Luís Infante da Câmara <email address hidden> Wed, 04 May 2022 21:16:37 +0100
Upload details
- Uploaded by:
- Luís Infante da Câmara
- Sponsored by:
- Paulo Flabiano Smorigo
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| varnish_6.2.1.orig.tar.gz | 3.1 MiB | f28e05d292c8fcd0e62c9fbbf1c9058368d8ad5ecf5476b57fab80eb06df0e97 |
| varnish_6.2.1-2ubuntu0.1.debian.tar.xz | 29.5 KiB | dd74e68b43a3ad10ada454bf9737e24f1179ef3a53e80d932bb5f7b889676635 |
| varnish_6.2.1-2ubuntu0.1.dsc | 2.5 KiB | e2fe6926bb556d96b692654915ddbbafb66c6057f08d88b487a05bfaa13fbd66 |
Available diffs
Binary packages built by this source
- libvarnishapi-dev: development files for Varnish
Development files for the Varnish HTTP accelerator.
- libvarnishapi2: shared libraries for Varnish
Shared libraries for the Varnish HTTP accelerator.
- libvarnishapi2-dbgsym: debug symbols for libvarnishapi2
- varnish: state of the art, high-performance web accelerator
Varnish Cache is a state of the art web accelerator written with
performance and flexibility in mind.
.
Varnish Cache stores web pages in memory so web servers don't have to
create the same web page over and over again. Varnish serves pages
much faster than any application server; giving the website a
significant speed up.
.
Some of the features include:
* A modern design
* VCL - a very flexible configuration language
* Load balancing with health checking of backends
* Partial support for ESI - Edge Side Includes
* URL rewriting
* Graceful handling of "dead" backends
- varnish-dbgsym: debug symbols for varnish
- varnish-doc: documentation for Varnish Cache
This package contains HTML documentation for Varnish Cache.
