MGASA-2022-0079
- Source
- https://advisories.mageia.org/MGASA-2022-0079.html
- Import Source
- https://advisories.mageia.org/MGASA-2022-0079.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2022-0079
- Related
- Published
- 2022-02-22T20:15:16Z
- Modified
- 2022-02-22T19:35:39Z
- Summary
- Updated varnish packages fix security vulnerability
- Details
-
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. (CVE-2022-23959)
- References
-
- https://advisories.mageia.org/MGASA-2022-0079.html
- https://bugs.mageia.org/show_bug.cgi?id=30048
- https://www.debian.org/lts/security/2022/dla-2920
- https://docs.varnish-software.com/security/VSV00008/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UMMDMQWNAE3BTSZUHXQHVAMZC5TLHLYT/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:8 / varnish
Package
- Name
- varnish
- Purl
- pkg:rpm/mageia/varnish?distro=mageia-8