Oracle Linux Security Advisory ELSA-2022-8649 https://linux.oracle.com/errata/ELSA-2022-8649.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: varnish-6.0.8-2.module+el8.7.0+20885+cb213da4.1.x86_64.rpm varnish-devel-6.0.8-2.module+el8.7.0+20885+cb213da4.1.x86_64.rpm varnish-docs-6.0.8-2.module+el8.7.0+20885+cb213da4.1.x86_64.rpm varnish-modules-0.15.0-6.module+el8.5.0+20320+0b4af72d.x86_64.rpm aarch64: varnish-6.0.8-2.module+el8.7.0+20885+cb213da4.1.aarch64.rpm varnish-devel-6.0.8-2.module+el8.7.0+20885+cb213da4.1.aarch64.rpm varnish-docs-6.0.8-2.module+el8.7.0+20885+cb213da4.1.aarch64.rpm varnish-modules-0.15.0-6.module+el8.5.0+20320+0b4af72d.aarch64.rpm SRPMS: https://oss.oracle.com/ol8/SRPMS-updates/varnish-6.0.8-2.module+el8.7.0+20885+cb213da4.1.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/varnish-modules-0.15.0-6.module+el8.5.0+20320+0b4af72d.src.rpm Related CVEs: CVE-2022-45060 Description of changes: varnish [6.0.8-2.1] - Resolves: #2142092 - CVE-2022-45060 varnish:6/varnish: Request Forgery Vulnerability [6.0.8-2] - Resolves: #2047650 - CVE-2022-23959 varnish:6/varnish: Varnish HTTP/1 Request Smuggling Vulnerability varnish-modules [0.15.0-6] - Related: #1982862 - rebuild for new varnish version _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata