--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-dcbfbf1396
2023-08-18 01:58:38.704443
--------------------------------------------------------------------------------

Name        : trafficserver
Product     : Fedora 38
Version     : 9.2.2
Release     : 1.fc38
URL         : https://trafficserver.apache.org/
Summary     : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
Description :
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications.  Key features:

Caching - Improve your response time, while reducing server load and
bandwidth needs by caching and reusing frequently-requested web pages,
images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content
requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands
of requests per second.

Extensible - APIs to write your own plug-ins to do anything from
modifying HTTP headers to handling ESI requests to writing your own
cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and
reverse proxies, Apache Traffic Server is battle hardened.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 9.2.2.  Changes with Apache Traffic Server 9.2.2   #9544 -
Docs: format typos in header_rewrite doc   #9754 - Fix OCSP detection during
build (9.2.x)   #9829 - Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header
rewrite   #9831 - Allow slice plugin to purge requests   #9840 - Fix crash on
config reload with BoringSSL   #9877 - Do not add content-length for status 204
cache   #9879 - doc: fix the internal libraries section formatting   #9886 - Fix
deprecated set_class for documentation build   #9943 - Add yaml libs reference
to HTTP proxy test suite.   #9944 - Fix clang-format for 9.2.x branch   #9952 -
92x autest updates   #9959 - 9.2.x: OpenSSL 3.0 tls autest updates (#9947)
#9971 - Update to autest version 1.10.3   #9976 - fix: require
RSRC_CLIENT_REQUEST_HEADERS in ConditionMethod   #9989 - Do not set @SECLEVEL
with boringssl   #10038 - LSan: Fix leaks of Cache Unit Test   #10054 - Demote
SSL log line to debug and remove key printing   #10093 - tools/check-unused-
dependencies:  make exceptions for tools under clang+asan   #10103 - autest
get_port: update to use psutil   #10105 - Update autest to the latest 1.10.4
#10107 - Fix ports.py type hint for sets on older Python   #10124 - Fix DbgCtl
reference that got cherry-picked into 9.2.x   #10125 - Remove duplicate slashes
at the beginning of the incoming URL   #10127 - 9.2.x: Correctly handle encoding
for cache hash generation   #10131 - 9.2.x: Fix a crash triggered by invalid
range header
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  9 2023 Jered Floyd  9.2.2-1
- Update to upstream 9.2.2
* Sat Jul 22 2023 Fedora Release Engineering  - 9.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2228525 - trafficserver-9.2.2-rc0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2228525
  [ 2 ] Bug #2231467 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2231467
  [ 3 ] Bug #2231468 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2231468
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-dcbfbf1396' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/

Fedora 38: trafficserver 2023-dcbfbf1396

August 18, 2023
Update to upstream 9.2.2

Summary

Traffic Server is a high-performance building block for cloud services.

It's more than just a caching proxy server; it also has support for

plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and

bandwidth needs by caching and reusing frequently-requested web pages,

images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content

requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands

of requests per second.

Extensible - APIs to write your own plug-ins to do anything from

modifying HTTP headers to handling ESI requests to writing your own

cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and

reverse proxies, Apache Traffic Server is battle hardened.

Update Information:

Update to upstream 9.2.2. Changes with Apache Traffic Server 9.2.2 #9544 - Docs: format typos in header_rewrite doc #9754 - Fix OCSP detection during build (9.2.x) #9829 - Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header rewrite #9831 - Allow slice plugin to purge requests #9840 - Fix crash on config reload with BoringSSL #9877 - Do not add content-length for status 204 cache #9879 - doc: fix the internal libraries section formatting #9886 - Fix deprecated set_class for documentation build #9943 - Add yaml libs reference to HTTP proxy test suite. #9944 - Fix clang-format for 9.2.x branch #9952 - 92x autest updates #9959 - 9.2.x: OpenSSL 3.0 tls autest updates (#9947) #9971 - Update to autest version 1.10.3 #9976 - fix: require RSRC_CLIENT_REQUEST_HEADERS in ConditionMethod #9989 - Do not set @SECLEVEL with boringssl #10038 - LSan: Fix leaks of Cache Unit Test #10054 - Demote SSL log line to debug and remove key printing #10093 - tools/check-unused- dependencies: make exceptions for tools under clang+asan #10103 - autest get_port: update to use psutil #10105 - Update autest to the latest 1.10.4 #10107 - Fix ports.py type hint for sets on older Python #10124 - Fix DbgCtl reference that got cherry-picked into 9.2.x #10125 - Remove duplicate slashes at the beginning of the incoming URL #10127 - 9.2.x: Correctly handle encoding for cache hash generation #10131 - 9.2.x: Fix a crash triggered by invalid range header

Change Log

* Wed Aug 9 2023 Jered Floyd 9.2.2-1 - Update to upstream 9.2.2 * Sat Jul 22 2023 Fedora Release Engineering - 9.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References

[ 1 ] Bug #2228525 - trafficserver-9.2.2-rc0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2228525 [ 2 ] Bug #2231467 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2231467 [ 3 ] Bug #2231468 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2231468

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-dcbfbf1396' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : trafficserver
Product : Fedora 38
Version : 9.2.2
Release : 1.fc38
URL : https://trafficserver.apache.org/
Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server

Related News

22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved