Summary: | <www-servers/varnish-7.1.1: assertion failure via crafted request from backend | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | blueness |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://varnish-cache.org/security/VSV00009.html | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 864991 | ||
Bug Blocks: |
Description
John Helmert III
![]() ![]() ![]() ![]() I just put 7.1.1 in the tree. Preliminary test on amd64 suggests that its ready for rapid stabilization. I'll open a bug now. Thanks! (In reply to John Helmert III from comment #2) > Thanks! 7.1.1 is fully stable and I've taken all vulnerable versions off the tree. Thanks! Impact is very low since this requires a malicious backend, so no GLSA, all done! |