*** This bug is a security vulnerability ***
Public security bug reported:
The version in Bionic is vulnerable to CVE-2019-20637 and
CVE-2022-23959.
The version in Focal is vulnerable to CVE-2019-20637, CVE-2020-11653,
CVE-2021-36740 (bug #1939281) and CVE-2022-23959.
The versions in Impish, Jammy and Kinetic are vulnerable to
CVE-2022-23959.
Please release patched versions.
Debian released an advisory on March 3.
** Affects: varnish (Ubuntu)
Importance: Undecided
Status: New
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-20637
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-23959
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-11653
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-36740
** Information type changed from Private Security to Public Security
** Description changed:
The version in Bionic is vulnerable to CVE-2019-20637 and
CVE-2022-23959.
The version in Focal is vulnerable to CVE-2019-20637, CVE-2020-11653,
- CVE-2021-36740 and CVE-2022-23959.
+ CVE-2021-36740 (bug #1939281) and CVE-2022-23959.
The versions in Impish, Jammy and Kinetic are vulnerable to
CVE-2022-23959.
Please release patched versions.
Debian released an advisory on March 3.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971504
Title:
Multiple vulnerabilities in Bionic, Focal, Impish, Jammy and Kinetic
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/varnish/+bug/1971504/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
