summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Reiner Herrmann [Thu, 26 Sep 2024 13:41:35 +0000 (16:41 +0300)]
make the build reproducible
Origin: other, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833176
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2016-11-18
Last-Update: 2016-11-18
Gbp-Pq: Name 0003-reproductible-build.patch
Adrian Bunk [Thu, 26 Sep 2024 13:41:35 +0000 (16:41 +0300)]
trafficserver (8.1.11+ds-0+deb11u1) bullseye-security; urgency=medium
* New upstream release.
- CVE-2023-38522: Incomplete field name check allows request smuggling
- CVE-2024-35161: Incomplete check for chunked trailer section allows
request smuggling
- CVE-2024-35296: Invalid Accept-Encoding can force forwarding requests
[dgit import unpatched trafficserver 8.1.11+ds-0+deb11u1]
Adrian Bunk [Thu, 26 Sep 2024 13:41:35 +0000 (16:41 +0300)]
Import trafficserver_8.1.11+ds.orig.tar.xz
[dgit import orig trafficserver_8.1.11+ds.orig.tar.xz]
Adrian Bunk [Thu, 26 Sep 2024 13:41:35 +0000 (16:41 +0300)]
Import trafficserver_8.1.11+ds-0+deb11u1.debian.tar.xz
[dgit import tarball trafficserver 8.1.11+ds-0+deb11u1 trafficserver_8.1.11+ds-0+deb11u1.debian.tar.xz]
projects / trafficserver.git / log