Your message dated Sat, 17 May 2025 09:37:58 +0000
with message-id <[email protected]>
and subject line Close 1101775
has caused the Debian Bug report #1101775,
regarding bookworm-pu: package varnish/7.1.1-1.1+deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1101775: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101775
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm moreinfo
User: [email protected]
Usertags: pu
X-Debbugs-Cc: [email protected], Varnish Package Maintainers 
<[email protected]>

  * CVE-2025-30346: HTTP/1 client-side desync vulnerability

Tagged moreinfo, as question to the security team whether they want
this in pu or as DSA.
diffstat for varnish-7.1.1 varnish-7.1.1

 changelog                                                              |    7 +
 patches/0001-req_fsm-Close-the-connection-on-a-malformed-request.patch |   53 
++++++++++
 patches/series                                                         |    1 
 3 files changed, 61 insertions(+)

diff -Nru varnish-7.1.1/debian/changelog varnish-7.1.1/debian/changelog
--- varnish-7.1.1/debian/changelog      2023-01-09 23:09:31.000000000 +0200
+++ varnish-7.1.1/debian/changelog      2025-03-31 16:06:56.000000000 +0300
@@ -1,3 +1,10 @@
+varnish (7.1.1-1.1+deb12u1) bookworm; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2025-30346: HTTP/1 client-side desync vulnerability
+
+ -- Adrian Bunk <[email protected]>  Mon, 31 Mar 2025 16:06:56 +0300
+
 varnish (7.1.1-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
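
Review bot: the new changelog entry names CVE-2025-30346 but not the file it adds, so the entry can only be matched to the fix by reading debian/patches/series. Suggest extending the bullet to name the patch, for example "CVE-2025-30346: HTTP/1 client-side desync vulnerability (0001-req_fsm-Close-the-connection-on-a-malformed-request.patch)".
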
diff -Nru 
varnish-7.1.1/debian/patches/0001-req_fsm-Close-the-connection-on-a-malformed-request.patch
 
varnish-7.1.1/debian/patches/0001-req_fsm-Close-the-connection-on-a-malformed-request.patch
--- 
varnish-7.1.1/debian/patches/0001-req_fsm-Close-the-connection-on-a-malformed-request.patch
 1970-01-01 02:00:00.000000000 +0200
+++ 
varnish-7.1.1/debian/patches/0001-req_fsm-Close-the-connection-on-a-malformed-request.patch
 2025-03-31 16:06:35.000000000 +0300
@@ -0,0 +1,53 @@
+From 07c5b24e265b2b852c23ec492fe425b575fd43cb Mon Sep 17 00:00:00 2001
+From: Dag Haavi Finstad <[email protected]>
+Date: Fri, 10 Jan 2025 13:07:54 +0100
+Subject: req_fsm: Close the connection on a malformed request
+
+---
+ bin/varnishd/cache/cache_req_fsm.c | 2 ++
+ bin/varnishtest/tests/b00037.vtc   | 2 ++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/bin/varnishd/cache/cache_req_fsm.c 
b/bin/varnishd/cache/cache_req_fsm.c
+index 81217159f..a0b344960 100644
+--- a/bin/varnishd/cache/cache_req_fsm.c
++++ b/bin/varnishd/cache/cache_req_fsm.c
+@@ -940,6 +940,7 @@ cnt_recv(struct worker *wrk, struct req *req)
+       if (http_CountHdr(req->http0, H_Host) > 1) {
+               VSLb(req->vsl, SLT_BogoHeader, "Multiple Host: headers");
+               wrk->stats->client_req_400++;
++              req->doclose = SC_RX_BAD;
+               (void)req->transport->minimal_response(req, 400);
+               return (REQ_FSM_DONE);
+       }
+@@ -947,6 +948,7 @@ cnt_recv(struct worker *wrk, struct req *req)
+       if (http_CountHdr(req->http0, H_Content_Length) > 1) {
+               VSLb(req->vsl, SLT_BogoHeader, "Multiple Content-Length: 
headers");
+               wrk->stats->client_req_400++;
++              req->doclose = SC_RX_BAD;
+               (void)req->transport->minimal_response(req, 400);
+               return (REQ_FSM_DONE);
+       }
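
Review bot: the added "req->doclose = SC_RX_BAD;" covers only the two cnt_recv branches shown here (duplicate Host and duplicate Content-Length), so any other path in this function that sends a minimal 400 and returns REQ_FSM_DONE should be checked against the 7.1.1 source to confirm it closes the connection as well. A rejected request whose connection stays open leaves its remaining bytes to be read as the next request, which is the desync the changelog names. A one-line comment above each assignment saying why the connection must be closed would also help keep the line from being dropped in a later refactor.
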
+diff --git a/bin/varnishtest/tests/b00037.vtc 
b/bin/varnishtest/tests/b00037.vtc
+index 63d8014dc..cb758cdbd 100644
+--- a/bin/varnishtest/tests/b00037.vtc
++++ b/bin/varnishtest/tests/b00037.vtc
+@@ -11,6 +11,7 @@ client c1 {
+ 
+ varnish v1 -vsl_catchup
+ varnish v1 -expect client_req_400 == 1
++varnish v1 -expect sc_rx_bad == 1
+ 
+ client c1 {
+       txreq -method POST -hdr "Content-Length: 12" -bodylen 12
+@@ -20,6 +21,7 @@ client c1 {
+ 
+ varnish v1 -vsl_catchup
+ varnish v1 -expect client_req_400 == 2
++varnish v1 -expect sc_rx_bad == 2
+ 
+ varnish v1 -cliok "param.set feature +http2"
+ 
+-- 
+2.30.2
+
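
Review bot: the two added "-expect sc_rx_bad" lines in b00037.vtc assert only on the counter, not on what the client sees on the wire. If the c1 blocks do not already do so, adding expect_close after the 400 response is received would verify that the session is actually torn down, which is the behaviour this fix introduces. Separately, the patch header carries only From, Date and Subject with an empty body; a short description naming CVE-2025-30346 and an Origin field pointing at the upstream commit would let later readers of debian/patches trace where it came from.
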
diff -Nru varnish-7.1.1/debian/patches/series 
varnish-7.1.1/debian/patches/series
--- varnish-7.1.1/debian/patches/series 2023-01-09 23:06:58.000000000 +0200
+++ varnish-7.1.1/debian/patches/series 2025-03-31 16:06:56.000000000 +0300
@@ -1,2 +1,3 @@
 Add-all-well-known-headers-to-the-perfect-hash-looku.patch
 hpack-fix-pseudo-headers-handling.patch
+0001-req_fsm-Close-the-connection-on-a-malformed-request.patch

--- End Message ---
--- Begin Message ---
Version: 12.11
This update has been released as part of 12.10. Thank you for your contribution.

--- End Message ---
