========================================================================== Ubuntu Security Notice USN-8050-1 February 18, 2026
trafficserver vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: trafficserver could be made to crash if it received specially crafted input. Software Description: - trafficserver: fast, scalable and extensible HTTP/1.1 and HTTP/2.0 caching proxy Details: Masakazu Kitajo discovered that Apache Traffic Server did not properly handle the Valid Host header field. An attacker could possibly use this issue to cause a denial of service (DoS). Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 trafficserver 9.2.5+ds-1ubuntu2.1 Ubuntu 24.04 LTS trafficserver 9.2.3+ds-1+deb12u1ubuntu0.1 Ubuntu 22.04 LTS trafficserver 9.1.1+ds-2ubuntu0.1 After a standard system update you need to restart Apache Traffic Server to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8050-1 CVE-2024-50305 Package Information: https://launchpad.net/ubuntu/+source/trafficserver/9.2.5+ds-1ubuntu2.1 https://launchpad.net/ubuntu/+source/trafficserver/9.2.3+ds-1+deb12u1ubuntu0.1 https://launchpad.net/ubuntu/+source/trafficserver/9.1.1+ds-2ubuntu0.1
signature.asc
Description: OpenPGP digital signature
