projects / trafficserver.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 0f3e933 f251e26)
trafficserver (8.1.1+ds-1.1) unstable; urgency=medium
authorSalvatore Bonaccorso <carnil@debian.org>
Thu, 15 Jul 2021 19:48:17 +0000 (20:48 +0100)
committerSalvatore Bonaccorso <carnil@debian.org>
Thu, 15 Jul 2021 19:48:17 +0000 (20:48 +0100)
commit0019a903334672acfc132ce3d616b24189d8ed9f
tree76728fb4bd16dd8a9116fdc2db8baa5e7da4625btree | snapshot
parent0f3e933c655db9dc24ded1b505626f9ca9def5a4commit | diff
parentf251e26998a1dd4e5d627d28b57ad9c28f89eb31commit | diff
trafficserver (8.1.1+ds-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Address CVE-2021-27577, CVE-2021-32565, CVE-2021-32566, CVE-2021-32567 and
    CVE-2021-35474.
    - CVE-2021-27577: Incorrect handling of url fragment leads to cache
      poisoning
    - CVE-2021-32565: HTTP Request Smuggling, content length with invalid
      charters
    - CVE-2021-32566: Specific sequence of HTTP/2 frames can cause ATS to
      crash
    - CVE-2021-32567: Reading HTTP/2 frames too many times
    - CVE-2021-35474: Dynamic stack buffer overflow in cachekey plugin
    (Closes: #990303)

[dgit import unpatched trafficserver 8.1.1+ds-1.1]
45 files changed:
debian/CONFIGURATION.Debian | | blob
debian/NEWS | | blob
debian/README.Debian | | blob
debian/README.conf-remap.Debian | | blob
debian/change_config.pl | | blob
debian/changelog | | blob
debian/control | | blob
debian/copyright | | blob
debian/docs | | blob
debian/gbp.conf | | blob
debian/not-installed | | blob
debian/patches/0001-Use-mcx16-on-x86-platforms-only.patch | | blob
debian/patches/0003-reproductible-build.patch | | blob
debian/patches/0006-fix-doc-build.patch | | blob
debian/patches/0008-fix-python-check-unused-dependencies.patch | | blob
debian/patches/0009-fix-mysql-8-build.patch | | blob
debian/patches/0011-fix-segfault.patch | | blob
debian/patches/0012-fix-spelling-checks.patch | | blob
debian/patches/0013-fix-perl-interpreter-path.patch | | blob
debian/patches/0014-use_system_yaml-cpp.patch | | blob
debian/patches/0015-as-needed-fix.patch | | blob
debian/patches/0016-fix_python_3.8.patch | | blob
debian/patches/0017-fix_sphinx_3.0.patch | | blob
debian/patches/0018-Fixes-7971.patch | | blob
debian/patches/series | | blob
debian/rules | | blob
debian/salsa-ci.yml | | blob
debian/source/format | | blob
debian/source/options | | blob
debian/trafficserver-dev.examples | | blob
debian/trafficserver-dev.install | | blob
debian/trafficserver-dev.manpages | | blob
debian/trafficserver-experimental-plugins.install | | blob
debian/trafficserver.default | | blob
debian/trafficserver.dirs | | blob
debian/trafficserver.example | | blob
debian/trafficserver.init | | blob
debian/trafficserver.install | | blob
debian/trafficserver.maintscript | | blob
debian/trafficserver.manpages | | blob
debian/trafficserver.postinst | | blob
debian/trafficserver.service | | blob
debian/trafficserver.tmpfile | | blob
debian/upstream/signing-key.asc | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.