-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 26 Dec 2021 21:40:15 +0100 Source: varnish Architecture: source Version: 6.1.1-1+deb10u2 Distribution: buster-security Urgency: medium Maintainer: Varnish Package Maintainers <team+varnish-team@tracker.debian.org> Changed-By: Florian Weimer <fw@deneb.enyo.de> Closes: 991040 Changes: varnish (6.1.1-1+deb10u2) buster-security; urgency=medium . * Apply upstream patch from the 6.0.x TLS branch to fix VSV00007: Varnish HTTP/2 Request Smuggling Attack (CVE-2021-36740). (Closes: #991040) Checksums-Sha1: 3f4a898c13fce56199ca1ed4d6497e5cf1e7ca93 2092 varnish_6.1.1-1+deb10u2.dsc 2b447965f42612f00a180b18e4650c1bf57c32ce 26860 varnish_6.1.1-1+deb10u2.debian.tar.xz 778190ff1bf110c477d12ad508699a9e90a2225b 9504 varnish_6.1.1-1+deb10u2_amd64.buildinfo Checksums-Sha256: bb88ccf94fd81dd58cedb0460ee46d8dbf310b3f6c864da121b7a7f3dcbc80c0 2092 varnish_6.1.1-1+deb10u2.dsc 0f327a7298c32314662789f0ce00c4a31e085a6226dfea50e726728bea124aa0 26860 varnish_6.1.1-1+deb10u2.debian.tar.xz cb09e7817d7381b9ba149e276ea03182d8c6a090603a2aae7f2829c394f1791f 9504 varnish_6.1.1-1+deb10u2_amd64.buildinfo Files: e22ca771d800d43e4dc9c1ab2a5ccec1 2092 web optional varnish_6.1.1-1+deb10u2.dsc e3af191f14ef73cd5a95682f745df6b5 26860 web optional varnish_6.1.1-1+deb10u2.debian.tar.xz 680e207b94e7e4ad0d410ba6878a5c56 9504 web optional varnish_6.1.1-1+deb10u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEyNPZz/qecFY/MvpUv3v/BALVJL4FAmHI2vMACgkQv3v/BALV JL4/GggAjG8fDFieD3yn4ZNDPCD6cy0RzOrfo5g4aYnnp57TOxwb2X/OyTHG0Mif /gjLVyfbJGloM5yg8bwvHzG9/7qWqUzGM/7H3rl4vUgzTeiDuprFiqSvK7xgoKeQ UACzA3oH6iM85xqc3pjJe/IA87CyiLJiEkp/nA+IgRxTg6AgatjvWmSsRDJ8Fc8R vs+NpxODWej7xH0d3kIlVV1deaBCElJLjf0pEGau5c9hs+lckkvi7ESFis7FGL8W Ra/RVD/Z1BPDsC2oqO6HB6abV9EA4hxTl2gecsP01vW7jZNM9HKZBV9isdu3ZSna Dr7EeyQ4rQHbf4FXkqbmeTRSU8KtbQ== =zW1K -----END PGP SIGNATURE-----
