[Pkg-varnish-devel] Bug#783510: varnish, backport upstream varnish3 http smuggling fix
Régis Leroy
regis.leroy at makina-corpus.com
Mon Apr 27 16:09:31 UTC 2015
Package: varnish
Version: 3.0.2-2+deb7u1
On oldstable varnish v3 is still used.
Two security fixes have been made on this old version (nothing to do for
V4 used on stable).
They were added in 3.0.7:
- Stop recognizing a single CR (\r) as a HTTP line separator.
This opened up a possible cache poisoning attack in stacked
installations where sslterminator/varnish/backend had different CR handling.
- Requests with multiple Content-Length headers will now fail.
Patches are here:
* https://github.com/varnish/Varnish-Cache/commit/29870c8fe95e4e8a672f6f28c5fbe692bea09e9c
* https://github.com/varnish/Varnish-Cache/commit/85e8468bec9416bd7e16b0d80cb820ecd2b330c3
I'd like to get these patches on the oldstable varnish package.
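As an added illustration (not code from the bug report or from Varnish itself), the check below shows the two conditions the 3.0.7 changes refer to: a header-block checker that splits only on CRLF and flags a bare CR or LF, and that flags more than one Content-Length header, next to a lenient splitter that accepts a lone CR so the header-count mismatch between the two parsers is visible. All sample requests and header names are constructed for the example.

```python
import re

# Lenient line splitting, as a parser that treats a lone CR as a line break does.
LENIENT_SPLIT = re.compile(rb"\r\n|\r|\n")
# Strict line splitting: only CRLF terminates a header line.
STRICT_SPLIT = b"\r\n"

def header_names_lenient(raw: bytes) -> list:
    """Lower-cased header names as seen by a parser that splits on CRLF, CR or LF."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    return [line.split(b":", 1)[0].strip().lower()
            for line in LENIENT_SPLIT.split(head)[1:] if b":" in line]

def check_request(raw: bytes) -> list:
    """Return a list of findings for the header block; an empty list means clean.

    bare-cr-or-lf            a CR or LF that is not part of a CRLF terminator
    multiple-content-length  more than one Content-Length header
    missing-terminator       no CRLF CRLF ending the header block
    """
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        return ["missing-terminator"]
    findings = []
    lines = head.split(STRICT_SPLIT)
    # Any CR or LF left inside a strictly split line was not a CRLF terminator.
    if any(b"\r" in line or b"\n" in line for line in lines):
        findings.append("bare-cr-or-lf")
    content_length = 0
    for line in lines[1:]:                     # headers follow the request line
        name, colon, _value = line.partition(b":")
        if colon and name.strip().lower() == b"content-length":
            content_length += 1
    if content_length > 1:
        findings.append("multiple-content-length")
    return findings

# Constructed sample requests (hostnames and header values are invented).
CLEAN = b"GET / HTTP/1.1\r\nHost: cache.example\r\nContent-Length: 0\r\n\r\n"
BARE_CR = b"GET / HTTP/1.1\r\nHost: cache.example\rX-Injected: 1\r\n\r\n"
DUP_CL = (b"POST / HTTP/1.1\r\nHost: cache.example\r\n"
          b"Content-Length: 5\r\nContent-Length: 11\r\n\r\nhello")

if __name__ == "__main__":
    for label, req in [("clean", CLEAN), ("bare_cr", BARE_CR), ("dup_cl", DUP_CL)]:
        print(label, header_names_lenient(req), check_request(req))
```

For BARE_CR the lenient splitter reports two headers (host, x-injected) while the strict check reports one malformed line, which is exactly the disagreement between hops that the first patch removes.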