-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk April 28, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : trafficserver Version : 8.1.7-0+deb10u4 CVE ID : CVE-2024-31309 Debian Bug : 1068417 Potential DoS attacks have been fixed by rate limiting HTTP/2 CONTINUATION frames in Apache Traffic Server, an HTTP/1.1 and HTTP/2 compliant caching proxy server. For Debian 10 buster, this problem has been fixed in version 8.1.7-0+deb10u4. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmYut80ACgkQiNJCh6LY mLFovhAAzymlGS/QkzER/awJHZgw4h4KqpQwvUJ3kPAtwG55/NPcFnpRdQ2tVRMj uMQpjm1XC5pC26gJRIrRDzr/KYFfU/OIYUXaQFb0OCSMxUT522KrWMxjH4ejaHle uqU7iKtSxe7Rxc/Mkug3bwLzB482KnjpvYNJ5EXJHTDsTD9PSlPGelv0jOEL3ufz KfFZR5dEnuMdRGXl6hUG2/TbqnYfPwSLU5fAz1cuF6haSRvf9FPKPi3+EP7T75y8 bqIRwzX954ujmrjRYpKS79JbOu+Av3U9mJrqVsidFSD1CgLTocO0CkN7P5WbON3p ruvgyIXVPsISJcYZNe7kuboflOdm1y0eU3ZC2/xOTcIuVdNeUDsZzhxXJ9yZZK/5 /LE0kFBzi4A+Oi0YZxJzPa/dOc28JtWc+LLsgh02qGttdcOo4+PDHoC6KxI8m+hO Nhg3l8ElKPSh+RN0yarpa30T0/9qGt52TSqcaqqsCv3ZREIuF7Gg3GhpKDYod0vn Rk3JKnN38RWdw5gBNwtZLmA0k00HyWFQvzsJtp1qfHWEh4DevW95WlKflaDfZ6Y0 aHZN3NxlQAmi9OdORUA/owXJx6UX4D0oy4hUNpPKoPhDtNorFyOL2x8NF7tZeo0U uBnL5oqkiXdnShd73ShkE/jiGlSqNt1SSwXeo5uEhWTxaFecmJQ= =TLeM -----END PGP SIGNATURE-----