This bug was fixed in the package varnish - 5.2.1-1ubuntu0.1
--------------- varnish (5.2.1-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: HTTP Request Smuggling - debian/patches/CVE-2022-23959.patch: Mark req doclose when failing to ignore req body. (LP: #1971504, LP: #1939281) CVE-2022-23959
-- Luís Infante da Câmara <email address hidden> Wed, 04 May 2022 20:12:53 +0100
This bug was fixed in the package varnish - 5.2.1-1ubuntu0.1
---------------
varnish (5.2.1-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: HTTP Request Smuggling patches/ CVE-2022- 23959.patch: Mark req doclose when failing 2022-23959
- debian/
to ignore req body. (LP: #1971504, LP: #1939281)
CVE-
-- Luís Infante da Câmara <email address hidden> Wed, 04 May 2022 20:12:53 +0100