Publishing details

• Removed from disk on 2022-08-23.
• Removal requested on 2022-08-23.
• Superseded on 2022-08-22 by varnish - 6.2.1-2ubuntu0.2
• Published on 2022-06-08
• Copied from ubuntu focal in PPA for Ubuntu Security Proposed by Paulo Flabiano Smorigo

Changelog

varnish (6.2.1-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Sensitive Information Disclosure
    - debian/patches/CVE-2019-20637.patch: Clear err_code and err_reason at
      start of request handling. (LP: #1971504, LP: #1939281)
      CVE-2019-20637
  * SECURITY UPDATE: Assertion failure
    - debian/patches/CVE-2020-11653.patch: Take sizeof pool_task into account
      when reserving WS in SES_Wait. (LP: #1971504, LP: #1939281)
      CVE-2020-11653
  * SECURITY UPDATE: HTTP Request Smuggling
    - debian/patches/CVE-2021-36740.patch: Take content length into
      account on H/2 request bodies. (LP: #1971504, LP: #1939281)
    - debian/patches/CVE-2022-23959.patch: Mark req doclose when failing
      to ignore req body. (LP: #1971504, LP: #1939281)
      CVE-2021-36740
      CVE-2022-23959
  * Additions fixes
    - debian/patches/WS_ReserveAll.patch: Add WS_ReserveAll to replace
      WS_Reserve(ws, 0).
    - debian/patches/WS_ReserveSize.patch: Deprecate WS_Reserve() and replace
      it with WS_ReserveSize().

 -- Luís Infante da Câmara <email address hidden>  Wed, 04 May 2022 21:16:37 +0100

Builds

• amd64
• arm64
• armhf
• ppc64el
• riscv64
• s390x

Package files

• libvarnishapi-dev_6.2.1-2ubuntu0.1_amd64.deb (88.2 KiB)
• libvarnishapi-dev_6.2.1-2ubuntu0.1_arm64.deb (88.2 KiB)
• libvarnishapi-dev_6.2.1-2ubuntu0.1_armhf.deb (88.2 KiB)
• libvarnishapi-dev_6.2.1-2ubuntu0.1_ppc64el.deb (88.2 KiB)
• libvarnishapi-dev_6.2.1-2ubuntu0.1_riscv64.deb (88.2 KiB)
• libvarnishapi-dev_6.2.1-2ubuntu0.1_s390x.deb (88.2 KiB)
• libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_amd64.ddeb (152.0 KiB)
• libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_arm64.ddeb (148.2 KiB)
• libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_armhf.ddeb (145.0 KiB)
• libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_ppc64el.ddeb (153.7 KiB)
• libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb (147.8 KiB)
• libvarnishapi2-dbgsym_6.2.1-2ubuntu0.1_s390x.ddeb (153.7 KiB)
• libvarnishapi2_6.2.1-2ubuntu0.1_amd64.deb (68.4 KiB)
• libvarnishapi2_6.2.1-2ubuntu0.1_arm64.deb (63.7 KiB)
• libvarnishapi2_6.2.1-2ubuntu0.1_armhf.deb (62.3 KiB)
• libvarnishapi2_6.2.1-2ubuntu0.1_ppc64el.deb (76.4 KiB)
• libvarnishapi2_6.2.1-2ubuntu0.1_riscv64.deb (63.6 KiB)
• libvarnishapi2_6.2.1-2ubuntu0.1_s390x.deb (63.0 KiB)
• varnish-dbgsym_6.2.1-2ubuntu0.1_amd64.ddeb (1.6 MiB)
• varnish-dbgsym_6.2.1-2ubuntu0.1_arm64.ddeb (1.6 MiB)
• varnish-dbgsym_6.2.1-2ubuntu0.1_armhf.ddeb (1.6 MiB)
• varnish-dbgsym_6.2.1-2ubuntu0.1_ppc64el.ddeb (1.7 MiB)
• varnish-dbgsym_6.2.1-2ubuntu0.1_riscv64.ddeb (1.6 MiB)
• varnish-dbgsym_6.2.1-2ubuntu0.1_s390x.ddeb (1.7 MiB)
• varnish-doc_6.2.1-2ubuntu0.1_all.deb (482.9 KiB)
• varnish_6.2.1-2ubuntu0.1.debian.tar.xz (29.5 KiB)
• varnish_6.2.1-2ubuntu0.1.dsc (2.5 KiB)
• varnish_6.2.1-2ubuntu0.1_amd64.deb (811.4 KiB)
• varnish_6.2.1-2ubuntu0.1_arm64.deb (759.1 KiB)
• varnish_6.2.1-2ubuntu0.1_armhf.deb (770.2 KiB)
• varnish_6.2.1-2ubuntu0.1_ppc64el.deb (859.1 KiB)
• varnish_6.2.1-2ubuntu0.1_riscv64.deb (756.2 KiB)
• varnish_6.2.1-2ubuntu0.1_s390x.deb (742.7 KiB)
• varnish_6.2.1.orig.tar.gz (3.1 MiB)