rpms/varnish
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI varnish-6.6.2-4.el9_3.1

Browse Source
This commit is contained in:
eabdullin 2024-04-08 08:26:38 +00:00
parent 4a00b436ae
commit 251103a43b
2 changed files with 1076 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1063
SOURCES/varnish-6.6.2-CVE-2024-30156.patch Normal file
View File

File diff suppressed because it is too large Load Diff

18
SPECS/varnish.spec
View File

@ -23,7 +23,7 @@
Summary: High-performance HTTP accelerator Summary: High-performance HTTP accelerator
Name: varnish Name: varnish
Version: 6.6.2 Version: 6.6.2
Release: 3%{?dist}.1 Release: 4%{?dist}.1
License: BSD License: BSD
URL: https://www.varnish-cache.org/ URL: https://www.varnish-cache.org/
Source0: http://varnish-cache.org/_downloads/%{name}-%{version}.tgz Source0: http://varnish-cache.org/_downloads/%{name}-%{version}.tgz
@ -67,12 +67,15 @@ Source1: https://github.com/varnishcache/pkg-varnish-cache/archive/%{commit1}.ta
# https://bugzilla.redhat.com/show_bug.cgi?id=2141844 # https://bugzilla.redhat.com/show_bug.cgi?id=2141844
Patch100: varnish-6.6.2-CVE-2022-45060.patch Patch100: varnish-6.6.2-CVE-2022-45060.patch
# https://issues.redhat.com/browse/RHEL-12816 # https://issues.redhat.com/browse/RHEL-12817
Patch101: varnish-6.6.2-CVE-2023-44487-rate_limit.patch Patch101: varnish-6.6.2-CVE-2023-44487-rate_limit.patch
# https://issues.redhat.com/browse/RHEL-12816 # https://issues.redhat.com/browse/RHEL-12817
Patch102: varnish-6.6.2-CVE-2023-44487-vcl_vrt.patch Patch102: varnish-6.6.2-CVE-2023-44487-vcl_vrt.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2271486
Patch103: varnish-6.6.2-CVE-2024-30156.patch
%if 0%{?fedora} > 29 %if 0%{?fedora} > 29
Provides: varnish%{_isa} = %{version}-%{release} Provides: varnish%{_isa} = %{version}-%{release}
Provides: varnishd(abi)%{_isa} = %{abi} Provides: varnishd(abi)%{_isa} = %{abi}
@ -168,6 +171,7 @@ sed -i 's,rst2man-3.6,rst2man-3.4,g; s,rst2html-3.6,rst2html-3.4,g; s,phinx-buil
%patch100 -p1 -b .CVE-2022-45060 %patch100 -p1 -b .CVE-2022-45060
%patch101 -p1 -b .CVE-2023-44487 %patch101 -p1 -b .CVE-2023-44487
%patch102 -p1 -b .CVE-2023-44487-vcl %patch102 -p1 -b .CVE-2023-44487-vcl
%patch103 -p1 -b .CVE-2024-30156
%build %build
# https://gcc.gnu.org/wiki/FAQ#PR323 # https://gcc.gnu.org/wiki/FAQ#PR323
@ -316,9 +320,13 @@ test -f /etc/varnish/secret || (uuidgen > /etc/varnish/secret && chmod 0600 /etc
%changelog %changelog
* Thu Oct 12 2023 Tomas Korbar <tkorbar@redhat.com> - 6.6.2-3.1 * Sat Mar 30 2024 Luboš Uhliarik <luhliari@redhat.com> - 6.6.2-4.1
- Resolves: RHEL-30387 - varnish: HTTP/2 Broken Window Attack may result
in denial of service (CVE-2024-30156)
* Thu Oct 19 2023 Tomas Korbar <tkorbar@redhat.com> - 6.6.2-4
- Add parameters h2_rst_allowance and h2_rst_allowance_period to mitigate CVE-2023-44487 - Add parameters h2_rst_allowance and h2_rst_allowance_period to mitigate CVE-2023-44487
- Resolves: RHEL-12816 - Resolves: RHEL-12817
* Mon Dec 05 2022 Luboš Uhliarik <luhliari@redhat.com> - 6.6.2-3 * Mon Dec 05 2022 Luboš Uhliarik <luhliari@redhat.com> - 6.6.2-3
- Resolves: #2142096 - CVE-2022-45060 varnish: Request Forgery Vulnerability - Resolves: #2142096 - CVE-2022-45060 varnish: Request Forgery Vulnerability