ALSA-2023:5924

[ALSA-2023:5924] Important: varnish security update

Type:

security

Severity:

important

Release date:

2023-10-20

Description:

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.

Security Fix(es):

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	varnish-6.6.2-3.el9_2.1.aarch64.rpm	2cba6ac414e7339c2b9985d622fb9893fe5f3800144e419fe53b9a4281a0c51a
aarch64	varnish-devel-6.6.2-3.el9_2.1.aarch64.rpm	2e7718164e5eb7fe70678be2cd2e77841f52a31c2f58b66b3bace81f6e2b0483
aarch64	varnish-docs-6.6.2-3.el9_2.1.aarch64.rpm	9745ad4d0c7abac78f3ac0686e743d3e3e69cdf14e2253f050e1775d0dfb4731
i686	varnish-devel-6.6.2-3.el9_2.1.i686.rpm	2d4dd60359da52773b3648ed7b225e5e025d08526b53bccf76014b8d2c81c00e
i686	varnish-6.6.2-3.el9_2.1.i686.rpm	3ea12d71bfd788dcb1f8af61ec02e76eaecc290bb084ec91ad10106f14b44f0a
ppc64le	varnish-docs-6.6.2-3.el9_2.1.ppc64le.rpm	7a82be6da317cc4a73e1efa8105f2eade092a46c5a26692ddc7a11ce26d00642
ppc64le	varnish-6.6.2-3.el9_2.1.ppc64le.rpm	84c3de9483c6a70447645ff0e6d7ad4af7a67c6e9089dae76c5d49aa0964c34a
ppc64le	varnish-devel-6.6.2-3.el9_2.1.ppc64le.rpm	f4032a9a38ca78d961b0efcc53735c49e0dc212721fd8c5b55deb22e114a3d10
s390x	varnish-devel-6.6.2-3.el9_2.1.s390x.rpm	4422d532b1e1accf0804fd6b6572bc5685b1484b9b7d1de8f8c388a5cd161724
s390x	varnish-6.6.2-3.el9_2.1.s390x.rpm	9ce53e484f6ba49f4a9f4cd5b87d97326beda8e88cb1a74f842e1838b2397904
s390x	varnish-docs-6.6.2-3.el9_2.1.s390x.rpm	f846c3f702fd438999a77f0d13a47313133671ca0de5bd8d315364387940d38c
x86_64	varnish-6.6.2-3.el9_2.1.x86_64.rpm	74b149f708fe554563385557cb3da8f6df5de413d9127b3ca2f54d04c7116b42
x86_64	varnish-devel-6.6.2-3.el9_2.1.x86_64.rpm	8f2d19affb8edefa3c982380ed47db3946930832356ed485880e683af9fb0da5
x86_64	varnish-docs-6.6.2-3.el9_2.1.x86_64.rpm	fb9a628913d4db7818b14711d25463da2d71caa4cfce421ede94a917430b2089

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.