Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Fedora 21: 2015-4079 Moderate: Varnish Content-Length Issue Fix

fedora
Calendar Grey April 11, 2015
Dist Fedora Esm H88
This release tackles a data-size concern in Varnish, correcting flaws and minimizing RAM consumption in Fedora 21.
This update fixes a bug trigged by a bogus content-length header

Summary

This is Varnish Cache, a high-performance HTTP accelerator.

Documentation wiki and additional information about Varnish is

available on the following web site: http://vinyl-cache.org/

Update Information:

This update fixes a bug trigged by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread.


New upstream release. A bugfix release.

Highlights from the changelog: * 26 reported bugs fixed. * Replaced objects are now expired immediately, instead of kept around until expiry. * Memory usage on chunked backend responses is lower

Topics%20covered

Topics Covered

security advisory Fedora bugfix memory usage content-length HTTP accelerator subthread crash

Change Log

* Fri Mar 13 2015 Ingvar Hagelund 4.0.3-3 - Added a patch fixing a crash on bogus content-length header, closing #1200034 * Fri Mar 6 2015 Ingvar Hagelund 4.0.3-2 - Added selinux module for varnish4 on el6 * Thu Mar 5 2015 Ingvar Hagelund 4.0.3-1 - New upstream release - Removed systemd patch included upstream - Rebased trivial Werr-patch for varnish-4.0.3 - Added patch to build on el5 * Tue Nov 25 2014 Ingvar Hagelund 4.0.2-1 - New upstream release - Rebased sphinx makefile patch - Added systemd services patch from Federico Schwindt * Mon Aug 18 2014 Fedora Release Engineering - 4.0.1-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

References


[ 1 ] Bug #1200034 - varnish: heap-based buffer overflow in backend server HTTP response parsing https://bugzilla.redhat.com/show_bug.cgi?id=1200034

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update varnish' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: varnish
Product: Fedora 21
Version: 4.0.3
Release: 3.fc21
URL: http://vinyl-cache.org/
Summary: High-performance HTTP accelerator

Topics%20covered

Topics Covered

security advisory Fedora bugfix memory usage content-length HTTP accelerator subthread crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here