-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 31 Jul 2017 21:12:21 +0200 Source: varnish Binary: varnish varnish-doc libvarnishapi1 libvarnishapi-dev Architecture: source Version: 5.0.0-7+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Varnish Package Maintainers <pkg-varnish-de...@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: libvarnishapi-dev - development files for Varnish libvarnishapi1 - shared libraries for Varnish varnish - state of the art, high-performance web accelerator varnish-doc - documentation for Varnish Cache Changes: varnish (5.0.0-7+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Correctly handle bogusly large chunk sizes. This fixes a denial of service attack vector where bogusly large chunk sizes in requests could be used to force restarts of the Varnish server. Checksums-Sha1: 4a4e03fdbf9b7a14fe037c054421a11c1b34f3a1 2659 varnish_5.0.0-7+deb9u1.dsc e5c88abc3744122f2d073547f18b061c5310e2ef 2472963 varnish_5.0.0.orig.tar.gz b2c4ea2930e658eedda1ff16cd8b0ca521c9c1fa 21756 varnish_5.0.0-7+deb9u1.debian.tar.xz Checksums-Sha256: d335ca812e8c3fb44389a187cbb462a52c390ce58dd8e748e0cb6d4b6ebc793f 2659 varnish_5.0.0-7+deb9u1.dsc 5101ad72b29d288a07e2e5ded4c2abe850b70ff000c13ceb1764625e83823f4a 2472963 varnish_5.0.0.orig.tar.gz c773ab8e977625e30fae13ad0a1c0b1a0325fd5187ac0e45cad10aa7bc3f8f4a 21756 varnish_5.0.0-7+deb9u1.debian.tar.xz Files: ba6ae30cc51aa177d9c3b37ec1af5666 2659 web optional varnish_5.0.0-7+deb9u1.dsc 6c76ff181d21be595a18ae969a692ae7 2472963 web optional varnish_5.0.0.orig.tar.gz f93031c7c8b9668038127b3b3c15b574 21756 web optional varnish_5.0.0-7+deb9u1.debian.tar.xz
-----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAll/kVZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89Eb3QP/jjcV87VloUVl1Fk1zL619dWVlgUmYwV cReyPtzUa3Sjbsmba/1CK/dcXRO4GIYOqC5HLgS+QduiTtFwNMXmuBZ4djxiR7Az Aekh6IBfO2n2ItQIvO71pyaQS3OLmx+qIxWQLR2UVLt5lz1+7/IOZ6qsTLZBIaST sZ9fyNzn4jWMuaWJYgEPy/2UOrkn37urBNez1CU5sD9yAsWfuDXQBtkulOCWK1Xo 5lRvZrxmqx2yk/43fOuzP+O7nd+NruOMwZTTnSF3xxHDNUb7rcbBv95bggZNMjvF n4+CFVhynwFCa6miRmtPcZepyy4d7jUaN1iOytHsFoxVoA61rQ2Jg/gP7XXiq7IX Nbq859PpzW6euZCmlJ9gBy98z3XF2c3uSxLXb0g4f12//an3MqJxL3v0MP7kGFH4 UjPmKCCUaaV5h7SXUdEVdRzyFMj4Z9Su31qMemWFccW1bHTB0G3ZiXOI3BGPbUzA 55sxkpc8lzWcU6Enos/Ij60XQXjub7UwwLsjR7ncLtRNVND0NhTKJj7ClXYFSuBs OTT1KtfsiBKMO1NseNeycQwHd6ATLNKR3XDqcx5qvC+kASFbOZe8C6ncLbw+OXhf zz4rocEsB7m1S1RM2GSTIVw1hw/0m+AwLVKfnWImMeJrurUN0/l9v6P1kFa8CsLB PJmvQ8a/MLxG =1YgS -----END PGP SIGNATURE-----