Package: varnish Severity: important Tags: security upstream patch fixed-upstream
Hi, Know you are already aware, opening bugreport to keep track of this issue. the following vulnerability was published for varnish. CVE-2013-4484[0]: | Varnish before 3.0.5 allows remote attackers to cause a denial of | service (child-process crash and temporary caching outage) via a GET | request with trailing whitespace characters and no URI. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. [0] http://security-tracker.debian.org/tracker/CVE-2013-4484 Please adjust the affected versions in the BTS as needed. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
