-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6199-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 05, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : trafficserver CVE ID : CVE-2025-58136 CVE-2025-65114 Two vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or HTTP request smuggling. For the oldstable distribution (bookworm), these problems have been fixed in version 9.2.5+ds-0+deb12u4. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmnSyjEACgkQEMKTtsN8 TjbGzg/8CWIKOce8ndWRF8khLwdzmlBK3TJijIASEeW6P5+vJ0pXe42h1vaPVex2 Ko+PIiBLLg4qeqXkiNaTAAcTX0NI9YqcqMjhqIShDb/sNyHLf/8ms+OzeVFSEted 8Bu6VR5pf+lBgOOKh5x5wyRPzSOnBfQzp38fDrT3b9IqWLqrABh9czE5qZi0uPod NVkjmB0sV+agLi+9hRV/aQvvYvfFkmaJM6wD5Qt0iYfi+tRhSt8N2Gjaw4LSgQSn Fj8JIRzxT2JWyGUHmz38L5Uxz4E9iKRpFai7/Ma8TIBrA8LzTZ7V4Wfee/sGWZpj X8gMkCcPiBBgpZN3mZtfOHjPzEFKLC18rRLpBE8+hM16lSaSA6eXpUEiRu7GF1XI itrEq3100Lf3P0psmxbe+FQNvnFhOlcnIFEsUTvbViMGzWyo1Q0MmvknovNBrhxy b99WGuVywltlerv7i/fGRRi3ADswSdobvQDZogsENEc1jvwqbH/ysN6u25XoS5rA BhDpTiAXaIW5i89Xv8oldTQLHZjQZ/FPN72X3hpI1zawyh5c2hpSVm6OoVySyVtb TfNTNWEbG0pPKqJMghb5G607xgIIdNOtbOEhqTDtVgCL+z65qBlOoHwAL90+oH91 27rzUuAAlv0k+YsPIrtY+/Jpvgtl039XbUsKYV2JvKzzaUQYq+8= =2rXJ -----END PGP SIGNATURE-----
