varnish-6.6.2-6.el9_6.1
エラータID: AXSA:2025-10495:01
リリース日:
2025/07/16 Wednesday - 18:54
題名:
varnish-6.6.2-6.el9_6.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- varnish には、リモートの攻撃者により、HTTP リクエスト
スマグリング攻撃を可能とする脆弱性が存在します。
(CVE-2025-47905)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-47905
Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
追加情報:
N/A
ダウンロード:
SRPMS
- varnish-6.6.2-6.el9_6.1.src.rpm
MD5: 2d7714a2dad5ccf76b95456891896c01
SHA-256: a3c419565682d85831cf8e01f8b168ee7150eed5c27259e5aaea2f7b489bce14
Size: 3.40 MB
Asianux Server 9 for x86_64
- varnish-6.6.2-6.el9_6.1.i686.rpm
MD5: 495460931ea00f372a118456d92fa07d
SHA-256: 23c73f59440e16ab139b01a72c84b34dd73be712546c643cc083a17784c31fea
Size: 1.06 MB - varnish-6.6.2-6.el9_6.1.x86_64.rpm
MD5: be4857a69f9c0e64060ef54882178fba
SHA-256: bbdebb7997c1ed6ab6a84f3bbee15fa92bc477e40ccc44d9b632da2d12809ce8
Size: 1.03 MB - varnish-devel-6.6.2-6.el9_6.1.i686.rpm
MD5: 8ce31002fe5d941e56fef436620d5a8a
SHA-256: 9f6d5b81d9aca579292a9893eec70ae064d1c4212ad00b455ee2df515818ff9b
Size: 132.80 kB - varnish-devel-6.6.2-6.el9_6.1.x86_64.rpm
MD5: cb99946c86e4007419bae73cfc99b1ea
SHA-256: d794607896f79f2c64369e39ffe985bbd037ca0adfc8e9d966becfe337c75660
Size: 132.84 kB - varnish-docs-6.6.2-6.el9_6.1.x86_64.rpm
MD5: 932f453c6aca895bf59fc2730b347cad
SHA-256: 2751022ac97f261d526e385cc1dbec53ec1bfc1e3f436eafbbc318e6860922ff
Size: 686.65 kB
English