Advisories ยป MGASA-2022-0079

Updated varnish packages fix security vulnerability

Publication date: 22 Feb 2022
Modification date: 22 Feb 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-23959

Description

In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS
before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before
4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1
connections. (CVE-2022-23959)

References

SRPMS

8/core