-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 21 May 2022 21:14:28 +0200 Source: trafficserver Architecture: source Version: 8.0.2+ds-1+deb10u6 Distribution: buster-security Urgency: high Maintainer: Aron Xu <aron@debian.org> Changed-By: Jean Baptiste Favre <debian@jbfavre.org> Changes: trafficserver (8.0.2+ds-1+deb10u6) buster-security; urgency=high . * Multiple CVE fixes for 8.0.x + CVE-2021-37147: Improper input validation vulnerability + CVE-2021-37148: Improper input validation vulnerability + CVE-2021-37149: Improper Input Validation vulnerability + CVE-2021-38161: Improper Authentication vulnerability in TLS origin verification + CVE-2021-44040: Improper Input Validation vulnerability in request line parsing + CVE-2021-44759: Improper Authentication vulnerability in TLS origin validation Checksums-Sha1: 51061c818f231273f1252c8e502d7922dc425e38 2932 trafficserver_8.0.2+ds-1+deb10u6.dsc 1224740ee51071f350b9a5737576500adea7e0e2 98132 trafficserver_8.0.2+ds-1+deb10u6.debian.tar.xz 13674cc1c88d917bb80ecb9c52e50a6e5c733cd4 14051 trafficserver_8.0.2+ds-1+deb10u6_source.buildinfo Checksums-Sha256: d2bf55b72b05f5cd430a7c09b00d0063ad8a1567c7b5cbdf5b9c320573abdf36 2932 trafficserver_8.0.2+ds-1+deb10u6.dsc 8d31d21ac4829ccaa57a2f154c8ccc5324c8c4d11a7a08175d9b3903fc866f64 98132 trafficserver_8.0.2+ds-1+deb10u6.debian.tar.xz 1fa9ae792abff6365d93dd9c49f001dd8f2cb33a36e524da261f14e4c2a2df17 14051 trafficserver_8.0.2+ds-1+deb10u6_source.buildinfo Files: b941a768fe60d2eeda2aacb276d83791 2932 web optional trafficserver_8.0.2+ds-1+deb10u6.dsc fc852bfdfe60fd59e2255663c619b293 98132 web optional trafficserver_8.0.2+ds-1+deb10u6.debian.tar.xz 9e2d772a51c7aaed46de08a94487f460 14051 web optional trafficserver_8.0.2+ds-1+deb10u6_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEToRbojDLTUSJBphHtN1Tas99hzcFAmKPScJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRF ODQ1QkEyMzBDQjRENDQ4OTA2OTg0N0I0REQ1MzZBQ0Y3RDg3MzcACgkQtN1Tas99 hzdFSA/8Da4gJVBgUBCtxnKo+d9VolguYQh0Y72UYhEYZeBdzuTxhTuYRozRpcuR 8p+a4T3OJwqzoZz1c1r/Y0KMO3ulhTQiSWjleM428Iv2Jhx//x5mwkAqCpVSyWdw PAqkPmoqviN9S9ADCojUcyZrfHiVClXssrYw5w9WNivjTEV6RADluBKG4/wwP/b7 oWxGfmpLaXlsbnxsNn2QZimmtUWCyZ0r2WP6B9+0gELy9Xn3Ut7IgdzcWAKfUep9 Lm2LemkKPb+AcxQpYp7jJxu/Ry0brXqiXP6ysoyP26yEgTdc240W0XVLVE7rjm8H g+KmmyeV8g+0jFO15ioTaJX8K5LcHpebQcIbU1qahfWvvypsrNGJgWIBdwU0o9lX skC1jTYDtyQz0zvIYK7qmp3Ii5VIBwSCce8l2VCE+IFnSav/g4J+7GlfLuSC9xab TfiIDL+JVV0aPUVK7SlFOFOuR/VY1m8UdlzTWMLCZN2NukCSD5Jxx53bzu/VF3wb YZBclYqhVfIAzd+KCboXOjnS0ah5am3pC1gUU8cxAohXyGYbD+Buu5liM+s7648U t705CS5x8Nl1qkmnxC3mUxuD9Kah7jOZHepvvwF/n+EJbqUfpEBnLXPraSdxF1Wv 2OVJPCAYmFDimO/PMyxpAgdc2YSl9Wr0L0ihWa4zu/JMxCyX5f8= =AFhs -----END PGP SIGNATURE-----