Debian Security Advisory 5334-1

Debian Security Advisory 5334-1: Posted Jan 30, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5334-1 - Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability.; tags | advisory, web; systems | linux, debian; advisories | CVE-2022-45060; SHA-256 | 252078af082c9fffe4f816b645478a49bd303397f4456b2a82cf40274f3aa196; Download | Favorite | View

Debian Security Advisory 5334-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5334-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 29, 2023                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : varnish
CVE ID         : CVE-2022-45060
Debian Bug     : 1023751

Martin van Kervel Smedshammer discovered that varnish, a state of the
art, high-performance web accelerator, is prone to a HTTP/2 request
forgery vulnerability.

See https://varnish-cache.org/security/VSV00011.html for details.

For the stable distribution (bullseye), this problem has been fixed in
version 6.5.1-1+deb11u3.

We recommend that you upgrade your varnish packages.

For the detailed security status of varnish please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/varnish

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmPW4PxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0R2Xw//ezfXNoVdUw/N3ym0RS/2RBEjxmyC4tSBihh9xNV/rMr4ez/CqNC5iH2m
RYBjcEopyKZpuPiakY3eQC8Erk5TPo4Ky4zv9WPCyzV7a/nBe+bTdkL5VKciouS/
tG2B4tHaCTy3oGf6gUV3hJOruNDtJCFxpl3hfADT95wIZ9rKZpP4eSJ7YvU1Sml4
ZUenM73WbNP6UUzXXEcpfZbvraBs4l+SDxHrUR4t3MRAX0KXgXPVGD7dhb14A8XK
fLX+I7TS6tOgVApagnaH8xCY6+gk3UCyzgWmCkITCvYZOyYNHBoB1hHbIxvJ9Phh
KimdMpEwKjGNM+g974j4uOlLQlHDYo0dZIIncBICjbvB/7BgiictilcgcwcnlCof
XqroJwzQS/B1K0Pk8tc6Ok/xt9k2QqRru8vYI8CcgxcdpfkVodgnPU/bSbq6a8gF
NY4ZJQzVPbcg0Yjw7T0pzZjTnGpBchywzCf2ZOxVyeTNhSCEryhahYuYAJJR029f
hPP4brhV0taAthorwc/AdNSdUHnO+2rrcEgpUuBArBku7n4f4dtSixcnWtr9IFDb
xW3wr3LINgdNQAtPxlJuMdaI83eeTFMETztROhBt9SGI88Cn0UUC026hs5Osy+m6
aHaRq6wAyqjlcf72NDIlu6UAAtc60yUvTIH9VvNKuPr6fQXbEUw=
=wFUO
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 5334-1

Debian Security Advisory 5334-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5334-1

Share This

Debian Security Advisory 5334-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems