Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:13.2:Update
patchinfo.5044
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5044
<patchinfo incident="5044"> <issue id="976097" tracker="bnc">VUL-0: CVE-2015-8852: varnish: Vulnerable to HTTP Smuggling issues: Double Content Length and bad EOL</issue> <issue id="CVE-2015-8852" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>jengelh</packager> <description> This varnish update to version 3.0.7 fixes the following issues: Security issues fixed: - CVE-2015-8852: Vulnerable to HTTP Smuggling issues: Double Content Length and bad EOL. (boo#976097) Bugs fixed: - Stop recognizing a single CR (\r) as a HTTP line separator. - Improved error detection on master-child process communication, leading to faster recovery (child restart) if communication loses sync. - Fix a corner-case where Content-Length was wrong for HTTP 1.0 clients, when using gzip and streaming. - More robust handling of hop-by-hop headers. - Avoid memory leak when adding bans. </description> <summary>Security update for varnish</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor