
Fedora 41: trafficserver 2025-c634be56bc Security Advisory Updates

March 14, 2025
Fedora security advisory for Traffic Server 9.2.9, addressing critical authentication and proxying issues with important updates.

Summary

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and bandwidth needs by caching and reusing frequently-requested web pages, images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands of requests per second.

Extensible - APIs to write your own plug-ins to do anything from modifying HTTP headers to handling ESI requests to writing your own cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and reverse proxies, Apache Traffic Server is battle hardened.

Update Information:

Changes with Apache Traffic Server 9.2.9

#12071 - Fix chunked pipelined requests

#12075 - Fix send 100 Continue optimization for GET

#12077 - Fix intercept plugin ignoring ACL

#12079 - ACL combination tests for 9.2.x

Change Log

* Wed Mar 5 2025 Jered Floyd 9.2.9-1
- Update to upstream 9.2.9
- Resolves CVE-2024-38311, CVE-2024-56195, CVE-2024-56196, CVE-2024-56202

References


[ 1 ] Bug #2350625 - CVE-2024-56195 trafficserver: Apache Traffic Server: Intercept plugins are not access controlled [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2350625

[ 2 ] Bug #2350627 - CVE-2024-56202 trafficserver: Apache Traffic Server: Expect header field can unreasonably retain resource [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2350627

[ 3 ] Bug #2350629 - CVE-2024-38311 trafficserver: Apache Traffic Server: Request smuggling via pipelining after a chunked message body [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2350629

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c634be56bc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important

Name: trafficserver
Product: Fedora 41
Version: 9.2.9
Release: 1.fc41
Summary: Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
