it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4672-1] trafficserver security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 4672-1] trafficserver security update
Date: Fri, 1 May 2020 17:36:46 +0000
List-archive: https://lists.debian.org/msgid-search/20200501173646.GA29533 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 1 May 2020 17:37:02 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <AM2518J6vII.A.ilG.-4FreB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4672-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 01, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : trafficserver
CVE ID : CVE-2019-17559 CVE-2019-17565 CVE-2020-1944 CVE-2020-9481

Several vulnerabilities were discovered in Apache Traffic Server, a
reverse and forward proxy server, which could result in denial of service
or request smuggling attacks.

For the stable distribution (buster), these problems have been fixed in
version 8.0.2+ds-1+deb10u2.

We recommend that you upgrade your trafficserver packages.

For the detailed security status of trafficserver please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/trafficserver

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6sXUoACgkQEMKTtsN8
TjYFJA//VVLh3ighaQPMj9HhwDwsOrn0GSj8UkRc/nYuEQBdfKf5nE7JJio//U65
NHCGih9o9sfnZ9q+bxryED+RiKMOyUvxqMOqRhXItekVkXaRNWcXWqbGW+2MTL1H
yOSaq9oMMv04/xzUcWId3T3WdrZk9vlehGmj7Eo0W2eH65itXL+RaKAJuZL+Jtrl
XsT380xATHKyyuiN2OaIgWwFGSpzQ1cwXnvQzYOk1LXlTqFA9UhBWZJHsNAwXlqQ
ANURjLVa5Z+LwmkpAgpksL+bSMinX+XKKNsc82e0NJkDFuk/VhQle3AYhERC23eC
Nar2nXHMC9yvH/ym8MNVYa48PTWD3xYalncAOyMiw7b4tts4uWkAPpnhWxY2g9p5
0xIlZvlDFzW50DsneNo1cHscsg4hlYDlzo2ucYBZHlFRFVj+tVU7t/5E+PctKifi
ls8jf7TrDqLJfyyVxH9k+qMpo2KbOWk/PgCfaOsWbTcEVlpUUOCfTx1+rExTVNVs
cmkrA3GYijHNqLhs2Lsrv3TnSOviSXdewnN1uGlfhSEPL9LndKOaxWr6w9P4HCVF
Qvt8p9lZCQM4zs9FvSrvbb6y9B6P5/BzQKwTlJ/ziuUQeLz3Cn+skt9sRFP0u2Un
NGefeHnatRuux9EFVnEqHRsG2+/HbpXiv/Hfdh0M6PNeW23PqLI=
=0mTC
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 4672-1] trafficserver security update, Moritz Muehlenhoff, 01.05.2020

Archiv bereitgestellt durch MHonArc 2.6.19.