-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4101-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 31, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : varnish Version : 6.5.1-1+deb11u4 CVE ID : CVE-2025-30346 A HTTP/1 client-side desync vulnerability has been fixed in Varnish, a caching HTTP reverse proxy. For Debian 11 bullseye, this problem has been fixed in version 6.5.1-1+deb11u4. We recommend that you upgrade your varnish packages. For the detailed security status of varnish please refer to its security tracker page at: https://security-tracker.debian.org/tracker/varnish Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmfrAXkACgkQiNJCh6LY mLFGng//TjMnBPlxo/6oxEZR5tw50BdnPKuQEJUQ/yVf3bRj7fRrMz2Io8wSrBdm B6mYATvmbpRxutrk0NKIE9pKL9JhYQeyNLLvjpDU2OblajgLDMSW83CV05Lsdqo6 /oR+PqrWE1sJKHvgAiOCve5aurQdkA5spS8ZoLTXZJgDuVl1o2yfHf4lPcClwvot wKDLVj8BWISn4+NZ/u8ODAsi4aBD5huSPLpoxGM4/KMqjJrzQTw6JkWibxq0a2b5 l0pqpiHgoOmLB/F2NVpbCK1WmuBOumiSRINI/3H37/APNtG3IG0lMrLQpIkR9XIy EchSSluTdAjtFOJOzTaFZ7SSmSu3iZ5zqinv+1uCa/UZlpifLYfOIoYV1IbqWpXO fb7tREZBCLP/kW/3NVpHIcKD/apiIAR1xa6iom9Qk34+hlPFt4i765W3ObiypuHz olBxHOiQmcJOD5caGLIvlmzO7LbjzWvJoBlqudhVNZ2PQjeMXwAnRy7OGZRek+eU DJlSPPqMLEES7rCBiOrYf76UWo2fS+lQg7YkRX3Sg4wo+EzjmH0mirBQErbc0gui CWmFe7+fcNczU45u0mCD2Y2qsUE7n3GFmFHzaWXk7WCR15VijAkCrrJiatjOeQNk 5hzsOK3x+YUqVhuKwOTJr7XJSKncAn38atVLrla9AsKgosVczMQ= =WSSg -----END PGP SIGNATURE-----
