OESA-2022-1692

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1692

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2022-1692.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2022-1692

Upstream

CVE-2021-44040

Published

2022-06-02T11:03:51Z

Modified

2025-09-03T06:17:43.050571Z

Summary

trafficserver security update

Details

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache.

Security Fix(es):

Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.(CVE-2021-44040)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / trafficserver

Package

Name: trafficserver
Purl: pkg:rpm/openEuler/trafficserver&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.1.2-1.oe1

Ecosystem specific

{
    "x86_64": [
        "trafficserver-debugsource-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-devel-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-perl-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-debuginfo-9.1.2-1.oe1.x86_64.rpm"
    ],
    "src": [
        "trafficserver-9.1.2-1.oe1.src.rpm"
    ],
    "aarch64": [
        "trafficserver-debuginfo-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-debugsource-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-perl-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-devel-9.1.2-1.oe1.aarch64.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / trafficserver

Package

Name: trafficserver
Purl: pkg:rpm/openEuler/trafficserver&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.1.2-1.oe1

Ecosystem specific

{
    "x86_64": [
        "trafficserver-devel-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-debuginfo-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-debugsource-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-9.1.2-1.oe1.x86_64.rpm",
        "trafficserver-perl-9.1.2-1.oe1.x86_64.rpm"
    ],
    "src": [
        "trafficserver-9.1.2-1.oe1.src.rpm"
    ],
    "aarch64": [
        "trafficserver-debugsource-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-devel-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-perl-9.1.2-1.oe1.aarch64.rpm",
        "trafficserver-debuginfo-9.1.2-1.oe1.aarch64.rpm"
    ]
}