Stay Connected:

ELSA-2020-4756

ELSA-2020-4756 - varnish:6 security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2020-11-10

Description


varnish
[6.0.6-2]
- new version 6.0.6
- Resolves: #1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS
- Resolves: #1790907 - CVE-2019-20637 varnish: not clearing pointer between two
client requests leads to information disclosure
- Resolves: #1763958 - CVE-2019-15892 varnish:6/varnish: denial of service
handling certain crafted HTTP/1 requests

varnish-modules
[0.15.0-5]
- Related: #1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS


Related CVEs


CVE-2019-20637
CVE-2019-15892
CVE-2020-11653

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) varnish-6.0.6-2.module+el8.3.0+7653+45014445.src.rpmc3966dca343572d63f2b2b0a99d18781a28ec1e3b91913d3c9de07f5e18a5b63-ol8_aarch64_appstream
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.src.rpm7601c5202cde4e26796bb9a17b40786d0271ff525f529fb17eb77848c8f90260-ol8_aarch64_appstream
varnish-6.0.6-2.module+el8.3.0+7653+45014445.aarch64.rpmfe54239fc43bb678632bdb9658da0fbdfc0b7c7d702aa8efe56d518f0838a423-ol8_aarch64_appstream
varnish-devel-6.0.6-2.module+el8.3.0+7653+45014445.aarch64.rpm652589fe05151baa86d45007f58ced4ac7f9d212ba20547c5a0ae57c76ecfa86-ol8_aarch64_appstream
varnish-docs-6.0.6-2.module+el8.3.0+7653+45014445.aarch64.rpm2a76edc216f243a6b96bfc9827974793873b618cb728291e6769db5ddc34a620-ol8_aarch64_appstream
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.aarch64.rpm57f19da8f85c7be94cabeb4cde8ee66596476602ac69168bcde469daee62223d-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) varnish-6.0.6-2.module+el8.3.0+7653+45014445.src.rpmc3966dca343572d63f2b2b0a99d18781a28ec1e3b91913d3c9de07f5e18a5b63-ol8_x86_64_appstream
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.src.rpm7601c5202cde4e26796bb9a17b40786d0271ff525f529fb17eb77848c8f90260-ol8_x86_64_appstream
varnish-6.0.6-2.module+el8.3.0+7653+45014445.x86_64.rpm6a10049fbfd50e5bcc5dbe763b573f7f2ddca9151d1cf8546fa72aba4aa6c30a-ol8_x86_64_appstream
varnish-devel-6.0.6-2.module+el8.3.0+7653+45014445.x86_64.rpm3108cd95b1b661335803b284c67b4eeb90dba7d361cee874d9ea74836140fb36-ol8_x86_64_appstream
varnish-docs-6.0.6-2.module+el8.3.0+7653+45014445.x86_64.rpmd4bba712837261462472b61537377227fc00fc7e633dac1f028884f0660226c1-ol8_x86_64_appstream
varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.x86_64.rpm2abd7f343f8bbe4c0363684b99c8bcdb0c65338a9bfca49c6becfac50bbd09be-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights