|
|
Subscribe / Log in / New account

Mageia alert MGASA-2020-0154 (varnish)



From:
              Mageia Updates <buildsystem-daemon@mageia.org> 


To:
              updates-announce@ml.mageia.org 


Subject:
              [updates-announce] MGASA-2020-0154: Updated varnish packages fix security vulnerability 


Date:
              Fri, 3 Apr 2020 00:49:47 +0200


Message-ID:
              <20200402224947.5963D9F63F@duvel.mageia.org>


MGASA-2020-0154 - Updated varnish packages fix security vulnerability

Publication date: 02 Apr 2020
URL: https://advisories.mageia.org/MGASA-2020-0154.html
Type: security
Affected Mageia releases: 7

Description:
Updated varnish packages fix security vulnerability:

An assert can be triggered in Varnish Cache when using Varnish with a TLS
termination proxy, and the proxy and Varnish use the PROXY version 2. The
assert will cause Varnish to restart, and the cache will be empty after the
restart (VSV00005).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26404
- https://varnish-cache.org/security/VSV00005.html
-
https://lists.fedoraproject.org/archives/list/package-ann...

SRPMS:
- 7/core/varnish-6.3.2-1.mga7
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds