FEDORA-2015-4079

security update in Fedora 21 for varnish

Status: stable 4 years ago

This update fixes a bug trigged by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread.

New upstream release. A bugfix release.

Highlights from the changelog: 26 reported bugs fixed. Replaced objects are now expired immediately, instead of kept around until expiry. * Memory usage on chunked backend responses is lower

Fore a detailed list of changes, please see the project's announcement at https://www.varnish-cache.org/content/varnish-cache-403

Comments 10

This update has been submitted for testing by ingvar.

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/47923/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/47923/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

This update has been pushed to testing

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by ingvar.

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/56824/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

This update has been pushed to stable

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted 4 years ago
in testing 4 years ago
in stable 4 years ago

Related Bugs 2

00 #1200034 varnish: heap-based buffer overflow in backend server HTTP response parsing
00 #1200035 varnish: heap-based buffer overflow in backend server HTTP response parsing [fedora-all]

Automated Test Results