varnish 6.2.1-2ubuntu0.2 source package in Ubuntu
Changelog
varnish (6.2.1-2ubuntu0.2) focal-security; urgency=medium * SECURITY REGRESSION: Incomplete fix for CVE-2020-11653 (LP: #1986627) - debian/patches/WS_ReserveAll.patch: Rename to CVE-2020-11653-01.patch. - debian/patches/WS_ReserveSize.patch: Rename to CVE-2020-11653-02.patch. - debian/patches/CVE-2020-11653-03.patch: Add a facility to test WS_ReserveSize(). - debian/patches/CVE-2020-11653-04.patch: Correct the overflow condition in WS_ReserveSize(). - debian/patches/CVE-2020-11653-05.patch: Fix copy-pasted test description. - debian/patches/CVE-2020-11653-06.patch: Add Session Attribute workspace overflow handling. - debian/patches/CVE-2020-11653-07.patch: Simplify WS allocation in tlv_string. - debian/patches/CVE-2020-11653-08.patch: Try to make the proxy code session workspace overflow test on 32-bit platforms. - debian/patches/CVE-2020-11653-09.patch: Adjust the workspace session size for 32-bit vtest machines. - debian/patches/CVE-2020-11653-10.patch: Handle out of session workspace in http1_new_session(). - debian/patches/CVE-2020-11653-11.patch: Remove extra call to SES_Reserve_proto_priv(). - debian/patches/CVE-2020-11653-12.patch: Remove call to SES_Reserve_proto_priv() in h2_init_sess(). - debian/patches/CVE-2020-11653-13.patch: Handle badly formatted proxy TLVs. - debian/patches/CVE-2020-11653-14.patch: Add a missing assertion to WS_ReserveAll(). - debian/patches/CVE-2020-11653-15.patch: Fix WS_ReserveSize calls when bytes is equal to free workspace. - debian/patches/CVE-2020-11653.patch: Rename to CVE-2020-11653-16.patch. -- Luís Infante da Câmara <email address hidden> Tue, 16 Aug 2022 17:57:53 +0100
Upload details
- Uploaded by:
- Luís Infante da Câmara
- Sponsored by:
- Paulo Flabiano Smorigo
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Focal | updates | universe | web | |
Focal | security | universe | web |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
varnish_6.2.1.orig.tar.gz | 3.1 MiB | f28e05d292c8fcd0e62c9fbbf1c9058368d8ad5ecf5476b57fab80eb06df0e97 |
varnish_6.2.1-2ubuntu0.2.debian.tar.xz | 37.1 KiB | 16fa3a3d652e6bddee47011c4242f9e65c50426cc7b6180431519728af07876a |
varnish_6.2.1-2ubuntu0.2.dsc | 2.5 KiB | cf9484c90a811dd78021b2eac9fda5143c53d12e3c8b17acd0da0990cf6d4e3b |
Available diffs
Binary packages built by this source
- libvarnishapi-dev: development files for Varnish
Development files for the Varnish HTTP accelerator.
- libvarnishapi2: shared libraries for Varnish
Shared libraries for the Varnish HTTP accelerator.
- libvarnishapi2-dbgsym: debug symbols for libvarnishapi2
- varnish: state of the art, high-performance web accelerator
Varnish Cache is a state of the art web accelerator written with
performance and flexibility in mind.
.
Varnish Cache stores web pages in memory so web servers don't have to
create the same web page over and over again. Varnish serves pages
much faster than any application server; giving the website a
significant speed up.
.
Some of the features include:
* A modern design
* VCL - a very flexible configuration language
* Load balancing with health checking of backends
* Partial support for ESI - Edge Side Includes
* URL rewriting
* Graceful handling of "dead" backends
- varnish-dbgsym: debug symbols for varnish
- varnish-doc: documentation for Varnish Cache
This package contains HTML documentation for Varnish Cache.