Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora 39: 2024-b1e16b4335 Moderate: Trafficserver DoS Issue Resolution

fedora
Calendar Grey April 12, 2024
Dist Fedora Esm H88
Mitigate ongoing CONTINUATION frame DoS vulnerabilities in Fedora 39 Trafficserver by applying the latest security patches. Ensure your system is fully updated to strengthen defenses.

Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)

Summary

Traffic Server is a high-performance building block for cloud services.

It's more than just a caching proxy server; it also has support for

plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and

bandwidth needs by caching and reusing frequently-requested web pages,

images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content

requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands

of requests per second.

Extensible - APIs to write your own plug-ins to do anything from

modifying HTTP headers to handling ESI requests to writing your own

cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and

reverse proxies, Apache Traffic Server is battle hardened.

Update Information:

Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)

Change Log

* Wed Apr 3 2024 Jered Floyd 9.2.4-1 - Update to upstream 9.2.4 - Resolves CVE-2024-31309 * Sat Jan 27 2024 Fedora Release Engineering - 9.2.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

References


[ 1 ] Bug #2269627 - CVE-2024-31309 trafficserver: CONTINUATION frames DoS https://bugzilla.redhat.com/show_bug.cgi?id=2269627

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b1e16b4335' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: trafficserver
Product: Fedora 39
Version: 9.2.4
Release: 1.fc39
Summary: Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here