This bug was fixed in the package varnish - 3.0.5-2ubuntu0.1
---------------
varnish (3.0.5-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: HTTP Smuggling issues: Double Content Length and bad EOL
(LP: #1709153).
- fix-HTTP-Smuggling-CVE-2015-8852.patch
- CVE-2015-8852
* SECURITY UPDATE: Correctly handle bogusly large chunk sizes
(LP: #1709153).
- Correctly-handle-bogusly-large-chunk-sizes-CVE-2017-12425.patch
- CVE-2017-12425
-- Simon Quigley <[email protected]> Mon, 07 Aug 2017 13:57:07 -0500
** Changed in: varnish (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709153
Title:
[CVE] HTTP Smuggling issues: Double Content Length and bad EOL
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/varnish/+bug/1709153/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
