[SECURITY] [DSA 4672-1] trafficserver security update














-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4672-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 01, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : trafficserver
CVE ID         : CVE-2019-17559 CVE-2019-17565 CVE-2020-1944 CVE-2020-9481

Several vulnerabilities were discovered in Apache Traffic Server, a
reverse and forward proxy server, which could result in denial of service
or request smuggling attacks.

For the stable distribution (buster), these problems have been fixed in
version 8.0.2+ds-1+deb10u2.

We recommend that you upgrade your trafficserver packages.

For the detailed security status of trafficserver please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/trafficserver

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6sXUoACgkQEMKTtsN8
TjYFJA//VVLh3ighaQPMj9HhwDwsOrn0GSj8UkRc/nYuEQBdfKf5nE7JJio//U65
NHCGih9o9sfnZ9q+bxryED+RiKMOyUvxqMOqRhXItekVkXaRNWcXWqbGW+2MTL1H
yOSaq9oMMv04/xzUcWId3T3WdrZk9vlehGmj7Eo0W2eH65itXL+RaKAJuZL+Jtrl
XsT380xATHKyyuiN2OaIgWwFGSpzQ1cwXnvQzYOk1LXlTqFA9UhBWZJHsNAwXlqQ
ANURjLVa5Z+LwmkpAgpksL+bSMinX+XKKNsc82e0NJkDFuk/VhQle3AYhERC23eC
Nar2nXHMC9yvH/ym8MNVYa48PTWD3xYalncAOyMiw7b4tts4uWkAPpnhWxY2g9p5
0xIlZvlDFzW50DsneNo1cHscsg4hlYDlzo2ucYBZHlFRFVj+tVU7t/5E+PctKifi
ls8jf7TrDqLJfyyVxH9k+qMpo2KbOWk/PgCfaOsWbTcEVlpUUOCfTx1+rExTVNVs
cmkrA3GYijHNqLhs2Lsrv3TnSOviSXdewnN1uGlfhSEPL9LndKOaxWr6w9P4HCVF
Qvt8p9lZCQM4zs9FvSrvbb6y9B6P5/BzQKwTlJ/ziuUQeLz3Cn+skt9sRFP0u2Un
NGefeHnatRuux9EFVnEqHRsG2+/HbpXiv/Hfdh0M6PNeW23PqLI=
=0mTC
-----END PGP SIGNATURE-----




Reply to:










Source link

Write a comment:
*

Your email address will not be published.