--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2023-2e6bead58b
2023-06-23 01:00:55.101861
--------------------------------------------------------------------------------Name        : trafficserver
Product     : Fedora 38
Version     : 9.2.1
Release     : 1.fc38
URL         : https://trafficserver.apache.org/
Summary     : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
Description :
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications.  Key features:

Caching - Improve your response time, while reducing server load and
bandwidth needs by caching and reusing frequently-requested web pages,
images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content
requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands
of requests per second.

Extensible - APIs to write your own plug-ins to do anything from
modifying HTTP headers to handling ESI requests to writing your own
cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and
reverse proxies, Apache Traffic Server is battle hardened.

--------------------------------------------------------------------------------Update Information:

Update to upstream 9.2.1; resolves CVE-2022-47184, CVE-2023-30631,
CVE-2023-33933
--------------------------------------------------------------------------------ChangeLog:

* Tue Jun 13 2023 Jered Floyd  9.2.1-1
- Update to upstream 9.2.1
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #2213425 - trafficserver-9.2.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2213425
  [ 2 ] Bug #2214994 - CVE-2022-47184 trafficserver: The TRACE method can be used to disclose network information [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2214994
  [ 3 ] Bug #2214998 - CVE-2023-30631 trafficserver: Configuration option to block the PUSH method in ATS didn't work [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2214998
  [ 4 ] Bug #2215002 - CVE-2023-33933 trafficserver: s3_auth plugin problem with hash calculation [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2215002
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-2e6bead58b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 38: trafficserver 2023-2e6bead58b

June 23, 2023

Update to upstream 9.2.1; resolves CVE-2022-47184, CVE-2023-30631, CVE-2023-33933

Summary

Traffic Server is a high-performance building block for cloud services.

It's more than just a caching proxy server; it also has support for

plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and

bandwidth needs by caching and reusing frequently-requested web pages,

images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content

requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands

of requests per second.

Extensible - APIs to write your own plug-ins to do anything from

modifying HTTP headers to handling ESI requests to writing your own

cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and

reverse proxies, Apache Traffic Server is battle hardened.

Update to upstream 9.2.1; resolves CVE-2022-47184, CVE-2023-30631,

CVE-2023-33933

* Tue Jun 13 2023 Jered Floyd 9.2.1-1

- Update to upstream 9.2.1

[ 1 ] Bug #2213425 - trafficserver-9.2.1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2213425

[ 2 ] Bug #2214994 - CVE-2022-47184 trafficserver: The TRACE method can be used to disclose network information [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2214994

[ 3 ] Bug #2214998 - CVE-2023-30631 trafficserver: Configuration option to block the PUSH method in ATS didn't work [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2214998

[ 4 ] Bug #2215002 - CVE-2023-33933 trafficserver: s3_auth plugin problem with hash calculation [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2215002

su -c 'dnf upgrade --advisory FEDORA-2023-2e6bead58b' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- [email protected]

To unsubscribe send an email to [email protected]

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/[email protected]

Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

FEDORA-2023-2e6bead58b 2023-06-23 01:00:55.101861 Product : Fedora 38 Version : 9.2.1 Release : 1.fc38 URL : https://trafficserver.apache.org/ Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server Description : Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching and reusing frequently-requested web pages, images, and web service calls. Proxying - Easily add keep-alive, filter or anonymize content requests, or add load balancing by adding a proxy layer. Fast - Scales well on modern SMP hardware, handling 10s of thousands of requests per second. Extensible - APIs to write your own plug-ins to do anything from modifying HTTP headers to handling ESI requests to writing your own cache algorithm. Proven - Handling over 400TB a day at Yahoo! both as forward and reverse proxies, Apache Traffic Server is battle hardened. Update to upstream 9.2.1; resolves CVE-2022-47184, CVE-2023-30631, CVE-2023-33933 * Tue Jun 13 2023 Jered Floyd 9.2.1-1 - Update to upstream 9.2.1 [ 1 ] Bug #2213425 - trafficserver-9.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2213425 [ 2 ] Bug #2214994 - CVE-2022-47184 trafficserver: The TRACE method can be used to disclose network information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2214994 [ 3 ] Bug #2214998 - CVE-2023-30631 trafficserver: Configuration option to block the PUSH method in ATS didn't work [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2214998 [ 4 ] Bug #2215002 - CVE-2023-33933 trafficserver: s3_auth plugin problem with hash calculation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2215002 su -c 'dnf upgrade --advisory FEDORA-2023-2e6bead58b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Change Log

References

Update Instructions

Severity

Product : Fedora 38

Version : 9.2.1

Release : 1.fc38

URL : https://trafficserver.apache.org/

Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server

What Are You Looking For?

Popular Tags

Fedora 38: trafficserver 2023-2e6bead58b

Summary

Change Log

References

Update Instructions

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

RISC-V With Linux 6.6 Offers Better Kernel Security With KASLR

Microsoft's CBL-Mariner 2.0 Linux Distribution Adds Clippy

Nitrux Devs Make It Easier to Upgrade Your Immutable Nitrux OS Installations

News

Advisories

HOWTOs

Features

Everything You Need to Know About Linux Proxy Servers

Simple Steps for Identifying & Troubleshooting a Kernel Panic

Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy

Supercharging Linux: Tips & Tricks to Beat the Threat Landscape

LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways

About Us

Powered By

Feedback

What Are You Looking For?

Popular Tags

Fedora 38: trafficserver 2023-2e6bead58b

Summary

Change Log

References

Update Instructions

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By