*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Greetings, I'm unsure whether I should flag this as security vulnerability or not, as the information is already out there anyway. Apologies if I misflagged, but I prefer to be rather safe than sorry. Varnish Cache published a security update for CVE-2021-36740 a couple weeks ago: https://varnish-cache.org/security/VSV00007.html The packages in ubuntu have not been updated since, therefore I expect them to still be vulnerable to this attack. Can you please provide updated packages fixing this vulnerability? Thank you! Best, Lienhart ** Affects: varnish (Ubuntu) Importance: Undecided Status: New ** Tags: community-security -- Please provide update for CVE-2021-36740 (VSV00007 Varnish HTTP/2 Request Smuggling Attack) https://bugs.launchpad.net/bugs/1939281 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
