rpms/varnish
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import varnish-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1

Browse Source
This commit is contained in:
CentOS Sources 2022-05-01 02:14:57 +00:00 committed by Stepan Oksanichenko
parent dee7b33204
commit 36e7beac65
4 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/pkg-varnish-cache-0ad2f22.tar.gz SOURCES/pkg-varnish-cache-0ad2f22.tar.gz
SOURCES/varnish-6.0.6.tgz SOURCES/varnish-6.0.8.tgz

2
.varnish.metadata
View File

@ -1,2 +1,2 @@
db2cd6c296e7f19d65c09e642b7011338d9d0e04 SOURCES/pkg-varnish-cache-0ad2f22.tar.gz db2cd6c296e7f19d65c09e642b7011338d9d0e04 SOURCES/pkg-varnish-cache-0ad2f22.tar.gz
c9cdd61f46d70b1bf8cb5eac3510aa3f4cf5c326 SOURCES/varnish-6.0.6.tgz 7c5e50eabcd3c0ddb6c463ba4645678a2f71233a SOURCES/varnish-6.0.8.tgz

13
SOURCES/varnish-6.0.8.CVE-2022-23959.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/bin/varnishd/cache/cache_req_body.c b/bin/varnishd/cache/cache_req_body.c
index 463b75b..982bd73 100644
--- a/bin/varnishd/cache/cache_req_body.c
+++ b/bin/varnishd/cache/cache_req_body.c
@@ -254,6 +254,8 @@ VRB_Ignore(struct req *req)
if (req->req_body_status == REQ_BODY_WITH_LEN ||
req->req_body_status == REQ_BODY_WITHOUT_LEN)
(void)VRB_Iterate(req, httpq_req_body_discard, NULL);
+ if (req->req_body_status == REQ_BODY_FAIL)
+ req->doclose = SC_RX_BODY;
return(0);
}

18
SPECS/varnish.spec
View File

@ -18,8 +18,8 @@
Summary: High-performance HTTP accelerator Summary: High-performance HTTP accelerator
Name: varnish Name: varnish
Version: 6.0.6 Version: 6.0.8
Release: 2%{?dist} Release: 1%{?dist}.1
License: BSD License: BSD
Group: System Environment/Daemons Group: System Environment/Daemons
URL: https://www.varnish-cache.org/ URL: https://www.varnish-cache.org/
@ -32,6 +32,9 @@ Patch9: varnish-5.1.1.fix_python_version.patch
# https://github.com/varnishcache/varnish-cache/commit/5220c394232c25bb7a807a35e7394059ecefa821#diff-2279587378a4426edde05f42e1acca5e # https://github.com/varnishcache/varnish-cache/commit/5220c394232c25bb7a807a35e7394059ecefa821#diff-2279587378a4426edde05f42e1acca5e
Patch11: varnish-6.0.0.fix_el6_fortify_source.patch Patch11: varnish-6.0.0.fix_el6_fortify_source.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2045031
Patch100: varnish-6.0.8.CVE-2022-23959.patch
Obsoletes: varnish-libs Obsoletes: varnish-libs
%if %{with python3} %if %{with python3}
@ -140,6 +143,8 @@ sed -i '8 i\RPM_BUILD_ROOT=%{buildroot}' find-provides
%patch11 -p0 %patch11 -p0
%endif %endif
%patch100 -p1
%build %build
%if 0%{?rhel} == 6 %if 0%{?rhel} == 6
export CFLAGS="%{optflags} -fPIC" export CFLAGS="%{optflags} -fPIC"
@ -371,6 +376,15 @@ fi
%changelog %changelog
* Tue Feb 01 2022 Luboš Uhliarik <luhliari@redhat.com> - 6.0.8-1.1
- Resolves: #2047648 - CVE-2022-23959 varnish:6/varnish: Varnish HTTP/1 Request
Smuggling Vulnerability
* Thu Jul 22 2021 Luboš Uhliarik <luhliari@redhat.com> - 6.0.8-1
- new version 6.0.8
- Resolves: #1982862 - CVE-2021-36740 varnish:6/varnish: HTTP/2 request
smuggling attack via a large Content-Length header for a POST request
* Tue Apr 14 2020 Lubos Uhliarik <luhliari@redhat.com> - 6.0.6-2 * Tue Apr 14 2020 Lubos Uhliarik <luhliari@redhat.com> - 6.0.6-2
- new version 6.0.6 - new version 6.0.6
- Resolves: #1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS - Resolves: #1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS