Описание
ELSA-2023-5989: varnish security update (IMPORTANT)
varnish [6.0.8-3.1]
- Add parameters h2_rst_allowance and h2_rst_allowance_period to mitigate CVE-2023-44487
varnish-modules
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module varnish:6 is enabled
varnish
6.0.8-3.module+el8.8.0+21197+bdc2c048.1
varnish-devel
6.0.8-3.module+el8.8.0+21197+bdc2c048.1
varnish-docs
6.0.8-3.module+el8.8.0+21197+bdc2c048.1
varnish-modules
0.15.0-6.module+el8.5.0+20320+0b4af72d
Oracle Linux x86_64
Module varnish:6 is enabled
varnish
6.0.8-3.module+el8.8.0+21197+bdc2c048.1
varnish-devel
6.0.8-3.module+el8.8.0+21197+bdc2c048.1
varnish-docs
6.0.8-3.module+el8.8.0+21197+bdc2c048.1
varnish-modules
0.15.0-6.module+el8.5.0+20320+0b4af72d
Связанные CVE
Связанные уязвимости
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consum ...