varnish-6.6.2-3.el9.1
エラータID: AXSA:2023-6534:03
Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.
Security Fix(es):
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Update packages.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
N/A
SRPMS
- varnish-6.6.2-3.el9.1.src.rpm
MD5: 9bc76d86d9ed16ec52c707aef3cd984a
SHA-256: c40a3ee797b00170f0cd2c4ee33f39b1e88da0201d0668502c4798bfe03bc897
Size: 3.39 MB
Asianux Server 9 for x86_64
- varnish-6.6.2-3.el9.1.i686.rpm
MD5: 65742fdc3f6ec8d86685b46fcc64a489
SHA-256: 3ed51b6c66a1bba850904e92f30ee660b7b302dffc075a099359dc605535681d
Size: 1.10 MB - varnish-6.6.2-3.el9.1.x86_64.rpm
MD5: 6a8c632bae7565490f30b2671aedf246
SHA-256: 198e68744bd6ca46536adcce662fb69cf3204a237da696fa95d5e5b740853527
Size: 1.07 MB - varnish-devel-6.6.2-3.el9.1.i686.rpm
MD5: d0f4fa3729c8a489a75a50745d144b46
SHA-256: eb0924d396567caa6ba1139d2fb78099342bcfdf9c1ff24971fda5e6fc613564
Size: 111.98 kB - varnish-devel-6.6.2-3.el9.1.x86_64.rpm
MD5: da69ea02329bb601f7cfd0e2c98e6401
SHA-256: a062596c220707fe861758b1bf0ffd5b0c030fdc20ca51452b11868a1d120203
Size: 111.97 kB - varnish-docs-6.6.2-3.el9.1.x86_64.rpm
MD5: aa2a429decd735977b55e8b895cba2e6
SHA-256: 4fc1d810bfe81b84d040580b031c292fb6c42f4994baf4b7bb9f2efb32b65a69
Size: 646.08 kB
日本語