Format: 1.8
Date: Wed, 04 May 2022 21:16:37 +0100
Source: varnish
Binary: libvarnishapi-dev libvarnishapi2 varnish
Architecture: riscv64
Version: 6.2.1-2ubuntu0.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@riscv64-qemu-lcy01-075.buildd>
Changed-By: Luís Infante da Câmara <luis.infante.da.camara@tecnico.ulisboa.pt>
Description:
 libvarnishapi-dev - development files for Varnish
 libvarnishapi2 - shared libraries for Varnish
 varnish    - state of the art, high-performance web accelerator
Launchpad-Bugs-Fixed: 1939281 1971504
Changes:
 varnish (6.2.1-2ubuntu0.1) focal-security; urgency=medium
 .
   * SECURITY UPDATE: Sensitive Information Disclosure
     - debian/patches/CVE-2019-20637.patch: Clear err_code and err_reason at
       start of request handling. (LP: #1971504, LP: #1939281)
       CVE-2019-20637
   * SECURITY UPDATE: Assertion failure
     - debian/patches/CVE-2020-11653.patch: Take sizeof pool_task into account
       when reserving WS in SES_Wait. (LP: #1971504, LP: #1939281)
       CVE-2020-11653
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2021-36740.patch: Take content length into
       account on H/2 request bodies. (LP: #1971504, LP: #1939281)
     - debian/patches/CVE-2022-23959.patch: Mark req doclose when failing
       to ignore req body. (LP: #1971504, LP: #1939281)
       CVE-2021-36740
       CVE-2022-23959
   * Additions fixes
     - debian/patches/WS_ReserveAll.patch: Add WS_ReserveAll to replace
       WS_Reserve(ws, 0).
     - debian/patches/WS_ReserveSize.patch: Deprecate WS_Reserve() and replace
       it with WS_ReserveSize().
Checksums-Sha1:
 df50591c359c4948fb00bca230fc2d32ff718cf9 90292 libvarnishapi-dev_6.2.1-2ubuntu0.1_riscv64.deb
 14788cda4eed14bf2768bb7423bf1d46132df2b7 151352 libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb
 e599ab56dc6cea471eb2fbad5387a37b39f875ed 65140 libvarnishapi2_6.2.1-2ubuntu0.1_riscv64.deb
 8b4c82a16b484930e5812cc5b6d95fd24b43e079 1691176 varnish-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb
 eedc3b66e0c00a3ab608c1b8ba1889a62cbdc670 9867 varnish_6.2.1-2ubuntu0.1_riscv64.buildinfo
 6f66189b306514660e40ec6eef8fffde2b8af1d3 774392 varnish_6.2.1-2ubuntu0.1_riscv64.deb
Checksums-Sha256:
 5369c535dcdeafdc85646a204eab3d5391a8aa7442f91323f7fb584c723fc8eb 90292 libvarnishapi-dev_6.2.1-2ubuntu0.1_riscv64.deb
 e40e954fafa89b5a4451f4f5595e0f44a03a5a13834f0c4884d251576a3a8b91 151352 libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb
 b4a3cc9fee34a8504f9f125b52536466a9d89cd5f879677c539ac2d09f3a57f0 65140 libvarnishapi2_6.2.1-2ubuntu0.1_riscv64.deb
 dfcf2b90044d605e25024c0c01f253ee47bca4c0240e8f9bb7bbe2298cb5e97a 1691176 varnish-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb
 fca3c328278d7b81cc94882920fa3e8b3c68cad0f8fb6324fc5db1a8e426f78c 9867 varnish_6.2.1-2ubuntu0.1_riscv64.buildinfo
 6acfe9f347dd70070d02438ddc50d6d196891867c563b78380c55dd352bbc7dd 774392 varnish_6.2.1-2ubuntu0.1_riscv64.deb
Files:
 f1a1e03d7b0230d3a25c898107669be0 90292 libdevel optional libvarnishapi-dev_6.2.1-2ubuntu0.1_riscv64.deb
 6def961daedf16fa6a81b7e490a0bab1 151352 debug optional libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb
 78b455a802d2c6b2d062dc06ff3b70ec 65140 libs optional libvarnishapi2_6.2.1-2ubuntu0.1_riscv64.deb
 44b01f239422ac17d7e33623f68a62ab 1691176 debug optional varnish-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb
 6d4129e4aab4105c43719dac387ff64d 9867 web optional varnish_6.2.1-2ubuntu0.1_riscv64.buildinfo
 078e28cfd529b883099b2179ba7bdf06 774392 web optional varnish_6.2.1-2ubuntu0.1_riscv64.deb
Original-Maintainer: Varnish Package Maintainers <team+varnish-team@tracker.debian.org>