-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5311-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : trafficserver CVE ID : CVE-2022-32749 CVE-2022-37392 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling, cache poisoning or denial of service. For the stable distribution (bullseye), these problems have been fixed in version 8.1.6+ds-1~deb11u1. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmO7EQsACgkQEMKTtsN8 Tjbf8BAApaDgFV524mL1OJLZOkA4WV6FcPWkw90S2+WeG5suWTzmO0UozDuhjcyx S46DqrccqfioPYQHaDJlHD0XGg51+2mAn8QbIuk4k7F0llOmsWaR+JeEea8OfC1/ L5etnxKO1xbE0GMItSOXsbDZy8E529Hnw6xRykLkbiHK/M+fWWRXh7dY37Rq3SQi oSno6HvAeKcKaRxzH/GaSa3UZWxoG6N8HaNd1HoIU1p3A/6uM0Sb1/eqSQZZXo7t 7JZiBQyP3Zr42bQECmrpuk9ugX/eLx1WOgaQQ3npJ/VcS3viGXQ3ONFbVEDIOkYC 2N6f+tMNJoRjv1K47DYjiDn3n7rJ7XEY6FQ1ZoWtdVTDKtvbupPhgLlz+ichUAgE qawJquMnl9hRPEP70/v8ozmHrNm98hRF86v0J7AkUHbvN1zt4XH4Fnn0C4rqVf2/ ml4PkqooSkxNqoRWVRnZhEC2T8iDNICRMFkNyd63MS3EUayYR8dVw4P+OBL3J19W hAq/9m8uQHYY7DG3+436YaSuMxkrGdBDUP6u6/wdaj3CZPX8H0Adq6I9k56snBC2 qydyyudefP1VLiqQqs0KWCs1xuH9lU+pjf30at5iY65xOR49KFEB4YJ38lkSpeRR TByaB/aM85Nuc4VjHcHPf1Vg9nPMV4GLdGjh4cmhtbHRpV8LDRM= =LHcX -----END PGP SIGNATURE-----