UbuntuUpdates.org

Package "varnish"

Name: varnish

Description:

state of the art, high-performance web accelerator
Latest version: 6.2.1-2ubuntu0.2
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: https://www.varnish-cache.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "varnish"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "varnish" in Focal

Repository Area Version
base universe 6.2.1-2
security universe 6.2.1-2ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.2.1-2ubuntu0.2 2022-08-24 13:07:11 UTC

  varnish (6.2.1-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY REGRESSION: Incomplete fix for CVE-2020-11653 (LP: #1986627)
    - debian/patches/WS_ReserveAll.patch: Rename to CVE-2020-11653-01.patch.
    - debian/patches/WS_ReserveSize.patch: Rename to CVE-2020-11653-02.patch.
    - debian/patches/CVE-2020-11653-03.patch: Add a facility to test
      WS_ReserveSize().
    - debian/patches/CVE-2020-11653-04.patch: Correct the overflow condition in
      WS_ReserveSize().
    - debian/patches/CVE-2020-11653-05.patch: Fix copy-pasted test description.
    - debian/patches/CVE-2020-11653-06.patch: Add Session Attribute workspace
      overflow handling.
    - debian/patches/CVE-2020-11653-07.patch: Simplify WS allocation in
      tlv_string.
    - debian/patches/CVE-2020-11653-08.patch: Try to make the proxy code session
      workspace overflow test on 32-bit platforms.
    - debian/patches/CVE-2020-11653-09.patch: Adjust the workspace session size
      for 32-bit vtest machines.
    - debian/patches/CVE-2020-11653-10.patch: Handle out of session workspace in
      http1_new_session().
    - debian/patches/CVE-2020-11653-11.patch: Remove extra call to
      SES_Reserve_proto_priv().
    - debian/patches/CVE-2020-11653-12.patch: Remove call to
      SES_Reserve_proto_priv() in h2_init_sess().
    - debian/patches/CVE-2020-11653-13.patch: Handle badly formatted proxy TLVs.
    - debian/patches/CVE-2020-11653-14.patch: Add a missing assertion to
      WS_ReserveAll().
    - debian/patches/CVE-2020-11653-15.patch: Fix WS_ReserveSize calls when
      bytes is equal to free workspace.
    - debian/patches/CVE-2020-11653.patch: Rename to CVE-2020-11653-16.patch.

 -- Luís Infante da Câmara <email address hidden> Tue, 16 Aug 2022 17:57:53 +0100
Source diff to previous version
1986627 Incomplete fix for CVE-2020-11653
CVE-2020-11653 An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a

Version: 6.2.1-2ubuntu0.1 2022-06-09 03:06:25 UTC

  varnish (6.2.1-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Sensitive Information Disclosure
    - debian/patches/CVE-2019-20637.patch: Clear err_code and err_reason at
      start of request handling. (LP: #1971504, LP: #1939281)
      CVE-2019-20637
  * SECURITY UPDATE: Assertion failure
    - debian/patches/CVE-2020-11653.patch: Take sizeof pool_task into account
      when reserving WS in SES_Wait. (LP: #1971504, LP: #1939281)
      CVE-2020-11653
  * SECURITY UPDATE: HTTP Request Smuggling
    - debian/patches/CVE-2021-36740.patch: Take content length into
      account on H/2 request bodies. (LP: #1971504, LP: #1939281)
    - debian/patches/CVE-2022-23959.patch: Mark req doclose when failing
      to ignore req body. (LP: #1971504, LP: #1939281)
      CVE-2021-36740
      CVE-2022-23959
  * Additions fixes
    - debian/patches/WS_ReserveAll.patch: Add WS_ReserveAll to replace
      WS_Reserve(ws, 0).
    - debian/patches/WS_ReserveSize.patch: Deprecate WS_Reserve() and replace
      it with WS_ReserveSize().

 -- Luís Infante da Câmara <email address hidden> Wed, 04 May 2022 21:16:37 +0100
1971504 Multiple vulnerabilities in Bionic, Focal, Impish, Jammy and Kinetic
1939281 Please provide update for CVE-2021-36740 (VSV00007 Varnish HTTP/2 Request Smuggling Attack)
CVE-2019-20637 An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between
CVE-2020-11653 An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a
CVE-2021-36740 Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This
CVE-2022-23959 In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r


About   -   Send Feedback to @ubuntu_updates