Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 42: 2025-512daf16b9 critical: trafficserver access control

fedora
Calendar Grey June 27, 2025
Dist Fedora Esm H88
The release of Apache Traffic Server 10.0.6 addresses significant vulnerabilities impacting Fedora 42, improving both security measures and overall performance.
Changes with Apache Traffic Server 10.0.6 #12298 - Add a setting to choose the data source of IP address for ACL #12299 - Add max inclusion depth support for esi plugin 10.0.x #...

Summary

Traffic Server is a high-performance building block for cloud services.

It's more than just a caching proxy server; it also has support for

plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and

bandwidth needs by caching and reusing frequently-requested web pages,

images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content

requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands

of requests per second.

Extensible - APIs to write your own plug-ins to do anything from

modifying HTTP headers to handling ESI requests to writing your own

cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and

reverse proxies, Apache Traffic Server is battle hardened.

Update Information:

Changes with Apache Traffic Server 10.0.6 #12298 - Add a setting to choose the data source of IP address for ACL #12299 - Add max inclusion depth support for esi plugin 10.0.x #12300 - otel build update for GCC 15 #12301 - autest updates for recent curl and nghttp2 versions (#12165)

Topics%20covered

Topics Covered

security advisory fedora critical access control proxy trafficserver

Change Log

* Tue Jun 17 2025 Jered Floyd 10.0.6-1 - Update to upstream 10.0.6

References


[ 1 ] Bug #2373880 - CVE-2025-31698 trafficserver: Apache Traffic Server PROXY Protocol ACL Bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2373880 [ 2 ] Bug #2373884 - CVE-2025-49763 trafficserver: Traffic Server ESI Inclusion Depth Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2373884

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-512daf16b9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: trafficserver
Product: Fedora 42
Version: 10.0.6
Release: 1.fc42
URL: https://trafficserver.apache.org/
Summary: Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server

Topics%20covered

Topics Covered

security advisory fedora critical access control proxy trafficserver

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here