Package: varnish / 4.0.2-1+deb8u1

Metadata

Package Version Patches format
varnish 4.0.2-1+deb8u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
4.0 Correctly handle bogusly large chunk sizes.patch | (download)

bin/varnishd/cache/cache_http1_proto.c | 2 1 + 1 - 0 !
bin/varnishtest/tests/f00001.vtc | 83 83 + 0 - 0 !
2 files changed, 84 insertions(+), 1 deletion(-)

 [patch] correctly handle bogusly large chunk sizes

This fixes a denial of service attack vector where bogusly large chunk
sizes in requests could be used to force restarts of the Varnish
server.

This is Varnish Security Vulnerability VSV00001

For more information visit: https://varnish-cache.org/security/VSV00001

Fixes: #2379