Bug#1056156: varnish: CVE-2023-44487: VSV00013 Varnish HTTP/2 Rapid Reset Attack

2024-04-05 Thread Salvatore Bonaccorso
Hi Marco, On Thu, Apr 04, 2024 at 11:05:03AM +0200, Marco d'Itri wrote: > On Apr 04, Salvatore Bonaccorso wrote: > > > While I do agree (and it was filed with this severity), the bug > > severity would not be RC, varnish currently seems to lack active > > maintainership. > Not anymore: https://

Bug#1056156: varnish: CVE-2023-44487: VSV00013 Varnish HTTP/2 Rapid Reset Attack

2024-04-04 Thread Marco d'Itri
On Apr 04, Salvatore Bonaccorso wrote: > While I do agree (and it was filed with this severity), the bug > severity would not be RC, varnish currently seems to lack active > maintainership. Not anymore: https://salsa.debian.org/md/varnish/ . -- ciao, Marco

Bug#1056156: varnish: CVE-2023-44487: VSV00013 Varnish HTTP/2 Rapid Reset Attack

2024-04-04 Thread Moritz Muehlenhoff
On Thu, Apr 04, 2024 at 05:54:51AM +0200, Salvatore Bonaccorso wrote: > Hi Marco, > > [CC'ing security team] > > On Mon, Apr 01, 2024 at 04:25:05PM +0200, Marco d'Itri wrote: > > Control: found -1 5.0.0-1 > > Control: fixed -1 7.4.2 > > > > On Nov 17, Salvatore Bonaccorso wrote: > > > > > CVE-

Bug#1056156: varnish: CVE-2023-44487: VSV00013 Varnish HTTP/2 Rapid Reset Attack

2024-04-03 Thread Salvatore Bonaccorso
Hi Marco, [CC'ing security team] On Mon, Apr 01, 2024 at 04:25:05PM +0200, Marco d'Itri wrote: > Control: found -1 5.0.0-1 > Control: fixed -1 7.4.2 > > On Nov 17, Salvatore Bonaccorso wrote: > > > CVE-2023-44487[0]: > > | The HTTP/2 protocol allows a denial of service (server resource > > | c

Bug#1056156: varnish: CVE-2023-44487: VSV00013 Varnish HTTP/2 Rapid Reset Attack

2024-04-01 Thread Marco d'Itri
Control: found -1 5.0.0-1 Control: fixed -1 7.4.2 On Nov 17, Salvatore Bonaccorso wrote: > CVE-2023-44487[0]: > | The HTTP/2 protocol allows a denial of service (server resource > | consumption) because request cancellation can reset many streams > | quickly, as exploited in the wild in August t

Bug#1056156: varnish: CVE-2023-44487: VSV00013 Varnish HTTP/2 Rapid Reset Attack

2023-11-17 Thread Salvatore Bonaccorso
Source: varnish Version: 7.1.1-1.1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for varnish. CVE-2023-44487[0]: | The HTTP/2 protocol allows a denial of service (server resource | consumption) bec