Fedora 25: varnish Security Update
Summary
This is Varnish Cache, a high-performance HTTP accelerator.
Varnish Cache stores web pages in memory so web servers don't have to
create the same web page over and over again. Varnish Cache serves
pages much faster than any application server; giving the website a
significant speed up.
Documentation wiki and additional information about Varnish Cache is
available on: https://varnish-cache.org/
New upstream release. This is a security release with a fix for CVE-2017-12425,
a crash bug that might be used in a denial of service attack. Details from the
upstream project are found here: http://varnish-cache.org/security/VSV00001.html
[ 1 ] Bug #1477698 - CVE-2017-12425 varnish: Missing check for integer overflow when handling chunk sizes in HTTP requests [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477698
su -c 'dnf upgrade varnish' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-bfbc5de1b1 2017-08-14 20:13:22.590845 Product : Fedora 25 Version : 5.0.0 Release : 4.fc25 URL : http://varnish-cache.org/ Summary : High-performance HTTP accelerator Description : This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don't have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a significant speed up. Documentation wiki and additional information about Varnish Cache is available on: https://varnish-cache.org/ New upstream release. This is a security release with a fix for CVE-2017-12425, a crash bug that might be used in a denial of service attack. Details from the upstream project are found here: http://varnish-cache.org/security/VSV00001.html [ 1 ] Bug #1477698 - CVE-2017-12425 varnish: Missing check for integer overflow when handling chunk sizes in HTTP requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477698 su -c 'dnf upgrade varnish' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References
Update Instructions
