openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Security update for varnish

This update for varnish fixes the following issues:

Update to 7.2.1:

- CVE-2022-45059: Fixed a HTTP request smuggling via hop-by-hop headers (boo#1205243).
- CVE-2022-45060: Fixed a HTTP request forgery via character injection through HTTP/2 pseudo-headers (boo#1205242).

Submitted by Jan Engelhardt (jengelh)

Fixed bugs

CVE-2022-45059

CVE-2022-45060

bnc#1205243

VUL-0: CVE-2022-45059: varnish: HTTP request smuggling via hop-by-hop headers

bnc#1205242

VUL-0: CVE-2022-45060: varnish: HTTP request forgery via character injection through HTTP/2 pseudo-headers

Places

Fixed bugs

Selected Binaries

Places