[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5311-1] trafficserver security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5311-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 08, 2023                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : trafficserver
CVE ID         : CVE-2022-32749 CVE-2022-37392

Several vulnerabilities were discovered in Apache Traffic Server, a
reverse and forward proxy server, which could result in HTTP request
smuggling, cache poisoning or denial of service.

For the stable distribution (bullseye), these problems have been fixed in
version 8.1.6+ds-1~deb11u1.

We recommend that you upgrade your trafficserver packages.

For the detailed security status of trafficserver please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/trafficserver

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmO7EQsACgkQEMKTtsN8
Tjbf8BAApaDgFV524mL1OJLZOkA4WV6FcPWkw90S2+WeG5suWTzmO0UozDuhjcyx
S46DqrccqfioPYQHaDJlHD0XGg51+2mAn8QbIuk4k7F0llOmsWaR+JeEea8OfC1/
L5etnxKO1xbE0GMItSOXsbDZy8E529Hnw6xRykLkbiHK/M+fWWRXh7dY37Rq3SQi
oSno6HvAeKcKaRxzH/GaSa3UZWxoG6N8HaNd1HoIU1p3A/6uM0Sb1/eqSQZZXo7t
7JZiBQyP3Zr42bQECmrpuk9ugX/eLx1WOgaQQ3npJ/VcS3viGXQ3ONFbVEDIOkYC
2N6f+tMNJoRjv1K47DYjiDn3n7rJ7XEY6FQ1ZoWtdVTDKtvbupPhgLlz+ichUAgE
qawJquMnl9hRPEP70/v8ozmHrNm98hRF86v0J7AkUHbvN1zt4XH4Fnn0C4rqVf2/
ml4PkqooSkxNqoRWVRnZhEC2T8iDNICRMFkNyd63MS3EUayYR8dVw4P+OBL3J19W
hAq/9m8uQHYY7DG3+436YaSuMxkrGdBDUP6u6/wdaj3CZPX8H0Adq6I9k56snBC2
qydyyudefP1VLiqQqs0KWCs1xuH9lU+pjf30at5iY65xOR49KFEB4YJ38lkSpeRR
TByaB/aM85Nuc4VjHcHPf1Vg9nPMV4GLdGjh4cmhtbHRpV8LDRM=
=LHcX
-----END PGP SIGNATURE-----


Reply to: