Publishing details
-
Removal requested
.
-
Published
-
Copied from
Primary Archive for Ubuntu
by Ubuntu Archive Auto-Sync
(sponsored by Ubuntu Archive Robot)
-
Originally uploaded to
debian sid in
Primary Archive for Debian GNU/Linux
Changelog
trafficserver (8.1.1+ds-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Address CVE-2021-27577, CVE-2021-32565, CVE-2021-32566, CVE-2021-32567 and
CVE-2021-35474.
- CVE-2021-27577: Incorrect handling of url fragment leads to cache
poisoning
- CVE-2021-32565: HTTP Request Smuggling, content length with invalid
charters
- CVE-2021-32566: Specific sequence of HTTP/2 frames can cause ATS to
crash
- CVE-2021-32567: Reading HTTP/2 frames too many times
- CVE-2021-35474: Dynamic stack buffer overflow in cachekey plugin
(Closes: #990303)
-- Salvatore Bonaccorso <email address hidden> Thu, 15 Jul 2021 21:48:17 +0200
Builds
Package files