Stay Connected:

ELSA-2021-2988

ELSA-2021-2988 - varnish:6 security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2021-08-03

Description


varnish
[6.0.6-2.1]
- Resolves: #1982861 - CVE-2021-36740 varnish:6/varnish: HTTP/2 request
smuggling attack via a large Content-Length header for a POST request

varnish-modules
[0.15.0-5]
- Related: #1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS


Related CVEs


CVE-2021-36740

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) varnish-6.0.6-2.module+el8.4.0+20258+f99218b2.1.src.rpm3984a0bf3f9abbb89da81f6766044afa-
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.src.rpm5c7fbb02ea8cb3d2a47326c5b09c0e73-
varnish-6.0.6-2.module+el8.4.0+20258+f99218b2.1.aarch64.rpm41b07637cf5bf07a5cf758dcae980494-
varnish-devel-6.0.6-2.module+el8.4.0+20258+f99218b2.1.aarch64.rpm392acf688684124987eb8b20a39e5aad-
varnish-docs-6.0.6-2.module+el8.4.0+20258+f99218b2.1.aarch64.rpm63b5c2380ec30cdf23e39d4d6cc4dea6-
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.aarch64.rpmb7b53693ecc82cffad08ca0ffbec8887-
Oracle Linux 8 (x86_64) varnish-6.0.6-2.module+el8.4.0+20258+f99218b2.1.src.rpm3984a0bf3f9abbb89da81f6766044afa-
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.src.rpm5c7fbb02ea8cb3d2a47326c5b09c0e73-
varnish-6.0.6-2.module+el8.4.0+20258+f99218b2.1.x86_64.rpm0e9477cb3c1d2655297e97435bea62b5-
varnish-devel-6.0.6-2.module+el8.4.0+20258+f99218b2.1.x86_64.rpm2ef2e86527bb1deebc1c3d66232588e4-
varnish-docs-6.0.6-2.module+el8.4.0+20258+f99218b2.1.x86_64.rpmc0b278e479e116a88159942cb48afa46-
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.x86_64.rpm59a20daa7504fecd5c7a96ba581ba2eb-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights