8 matches found
USN-5474-2 varnish regression
USN-5474-1 fixed vulnerabilities in Varnish Cache. Unfortunately the fix for CVE-2020-11653 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote...
CentOS 8 : varnish:6 (CESA-2020:4756)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4756 advisory. - varnish: denial of service handling certain crafted HTTP/1 requests CVE-2019-15892 - varnish: not clearing pointer between two client requests leads ...
Moderate: Red Hat Security Advisory: varnish:6 security, bug fix, and enhancement update
An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: varnish:6 security, bug fix, and enhancement update
Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. The following packages have been upgraded to a later upstream version: varnish 6.0.6. BZ1795673...
openSUSE Security Update : varnish (openSUSE-2020-808)
This update for varnish fixes the following issues : - CVE-2019-20637: Fixed an information leak when handling one client request and the next on the same connection boo1169040 - CVE-2020-11653: Fixed a performance loss due to an assertion failure and daemon restart when communicating with TLS...
openSUSE: Security Advisory for varnish (openSUSE-SU-2020:0808-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-11653
CVE-2020-11653 affects Varnish Cache prior to 6.0.6 LTS, 6.1.x prior to 6.2.3, and 6.3.x prior to 6.3.2. When a TLS termination proxy uses PROXY v2, an assertion failure can occur, causing the varnishd daemon to restart and leading to performance loss. Connected advisories (Debian/Ubuntu/Rocky) r...
CVE-2020-11653
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss...