MGASA-2020-0025

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0025.html

Import Source

https://advisories.mageia.org/MGASA-2020-0025.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2020-0025

Published

2020-01-07T21:19:56Z

Modified

2026-04-16T04:26:06.589375Z

Summary

Updated varnish packages fix security vulnerability

Details

Updated varnish packages fix security vulnerability:

A bug has been discovered in Varnish Cache where we fail to clear a pointer between the handling of one client requests and the next on the same connection. This can under specific circumstances lead to information being leaked from the connection workspace (VSV00004).

The varnish package has been updated to version 6.3.1, which includes many fixes and enhancements. See the upstream documentation for details.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / varnish

Package

Name: varnish
Purl: pkg:rpm/mageia/varnish?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.3.1-1.mga7

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2020-0025.json"