-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 31 Jul 2017 20:30:41 +0200 Source: varnish Binary: varnish varnish-doc libvarnishapi1 libvarnishapi-dev varnish-dbg Architecture: all source Version: 4.0.2-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Varnish Package Maintainers <pkg-varnish-devel@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libvarnishapi-dev - development files for Varnish libvarnishapi1 - shared libraries for Varnish varnish - state of the art, high-performance web accelerator varnish-dbg - debugging symbols for varnish varnish-doc - documentation for Varnish Cache Changes: varnish (4.0.2-1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * Correctly handle bogusly large chunk sizes. This fixes a denial of service attack vector where bogusly large chunk sizes in requests could be used to force restarts of the Varnish server. Checksums-Sha1: 1a210e2708e8d2ae0ff3dcf7df7eb2acd2015151 2621 varnish_4.0.2-1+deb8u1.dsc af9a87a1e8536e895c1ebf0e09921a583dafe29a 1853668 varnish_4.0.2.orig.tar.gz 3a0dba69f87e5fd6ca29369ecde396505fa907c4 22896 varnish_4.0.2-1+deb8u1.debian.tar.xz 55068faac4ac7e2e53645cc23e37247f5a32af33 299566 varnish-doc_4.0.2-1+deb8u1_all.deb Checksums-Sha256: 0bf34656055afee59b6693a74e5c9000af244d7a9a06b22c2504cf3626cfce20 2621 varnish_4.0.2-1+deb8u1.dsc d9fb6a6eaf05bbb0c8eb5855556a4b092183b2c1a61281bfd73adf83a304555b 1853668 varnish_4.0.2.orig.tar.gz 34290ef020764bac221fb8ff39238ca6d44b10fdcd92dedfe5318cde9c5874fe 22896 varnish_4.0.2-1+deb8u1.debian.tar.xz 2ac4ed2ad13bdcc862480ffac61dd62cfc30927b44956e8873fab052c7f7f90e 299566 varnish-doc_4.0.2-1+deb8u1_all.deb Files: 254bf9f85e6bfb789e13206b25d57247 2621 web optional varnish_4.0.2-1+deb8u1.dsc bf86f3630605c273b1bbadbbe518237a 1853668 web optional varnish_4.0.2.orig.tar.gz 7d60e51442998ca55404617a3e6acce9 22896 web optional varnish_4.0.2-1+deb8u1.debian.tar.xz f7c3080a6cc35f220907f03e15e519e6 299566 doc optional varnish-doc_4.0.2-1+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAll/eBBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EFUoP/RdIBBcH8y+UXFU4iX8XNztZDwvTYEpF 7n41t5kveJBkQMo4X1mHbpZ7b/7Kg5rOV0c+2cY0XFIuw79ygsmKlckc40AtDmcw 5L51O6H1enUnQ1oi20Pa1gSop/HvPOxo1Icx7O/dIdpuX5Z52GirQuvjIwKmkwlQ ZGfXUOVEwFrhYt2v4KPNEkMdjdlcdJ2V/5NSBIcKKEoXM2bQJTz79FjFAXUFytCy E8GAK2BjeJg+iv9530CbOULZfNYKaIPWx5JWKhci1IS/tK9wdIFDvhfxAQgrPFY7 IZCDVg3M5iPtiGBlMF7zb5C6J7ZCd39W9jyrEdpOt1xjmseP7ZwKgQnBVtEW8j9m PnZE4OJAFKNA8olusOIC0vZz3gWVnM1/iRWZqnC2I7hct+6wFFtA8oH9k5NMn6gb hxPUix/cOXPCTrBCBeeuWPjy6ay2rtZ6UZcXOi4VSS7cJW3jWoAYFi2fobUpnWJ1 BuoZbArLnzaUJz8LgXsAkm9OG2zqZOcBVeMmBAeRuCzV0QhAx+/U1YNkNgAd5aBI ZjS30F6+ga01A/i8b2e8Zi8am9wO2/JIyprRaihexx2i3gK+7kt+A0le4QX7dKmX 2xypt4gvZzGKVuT7VYbYgcagr1g6p8FpnY3NEtCLeXMKBPo+NT1THXcacjSBO9p7 U5ugGjJ2ORvJ =yNxr -----END PGP SIGNATURE-----