Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Denial of Service in Varnish
Aktuelle Meldungen Distributionen
Name: Denial of Service in Varnish
ID: FEDORA-2017-bfbc5de1b1
Distribution: Fedora
Plattformen: Fedora 25
Datum: Di, 15. August 2017, 07:32
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12425

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-bfbc5de1b1
2017-08-14 20:13:22.590845
-------------------------------------------------------------------------------
-

Name : varnish
Product : Fedora 25
Version : 5.0.0
Release : 4.fc25
URL : http://www.varnish-cache.org/
Summary : High-performance HTTP accelerator
Description :
This is Varnish Cache, a high-performance HTTP accelerator.

Varnish Cache stores web pages in memory so web servers don't have to
create the same web page over and over again. Varnish Cache serves
pages much faster than any application server; giving the website a
significant speed up.

Documentation wiki and additional information about Varnish Cache is
available on: https://www.varnish-cache.org/

-------------------------------------------------------------------------------
-
Update Information:

New upstream release. This is a security release with a fix for CVE-2017-12425,
a crash bug that might be used in a denial of service attack. Details from the
upstream project are found here: http://varnish-
cache.org/security/VSV00001.html
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1477698 - CVE-2017-12425 varnish: Missing check for integer
overflow when handling chunk sizes in HTTP requests [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477698
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade varnish' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung