Date: Thu, 10 Nov 2022 00:08:16 GMT From: "Danilo G. Baio" <dbaio@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 124a5223606f - main - security/vuxml: Add varnish cache security issues Message-ID: <202211100008.2AA08GLR067956@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by dbaio: URL: https://cgit.FreeBSD.org/ports/commit/?id=124a5223606f87270427c51b20a1b5f03aa16c06 commit 124a5223606f87270427c51b20a1b5f03aa16c06 Author: Danilo G. Baio <dbaio@FreeBSD.org> AuthorDate: 2022-11-10 00:05:15 +0000 Commit: Danilo G. Baio <dbaio@FreeBSD.org> CommitDate: 2022-11-10 00:07:24 +0000 security/vuxml: Add varnish cache security issues --- security/vuxml/vuln-2022.xml | 65 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 6a6c7dd6e0b4..c5b6d57fd73f 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,68 @@ + <vuln vid="5b8d8dee-6088-11ed-8c5e-641c67a117d8"> + <topic>varnish -- HTTP/2 Request Forgery Vulnerability</topic> + <affects> + <package> + <name>varnish7</name> + <range><lt>7.2.1</lt></range> + </package> + <package> + <name>varnish6</name> + <range><le>6.6.2</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Varnish Cache Project reports:</p> + <blockquote cite="https://varnish-cache.org/security/VSV00011.html">; + <p>A request forgery attack can be performed on Varnish Cache servers that + have the HTTP/2 protocol turned on. An attacker may introduce + characters through the HTTP/2 pseudo-headers that are invalid in the + context of an HTTP/1 request line, causing the Varnish server to + produce invalid HTTP/1 requests to the backend. This may in turn be + used to successfully exploit vulnerabilities in a server behind the + Varnish server.</p> + </blockquote> + </body> + </description> + <references> + <url>https://varnish-cache.org/security/VSV00011.html</url>; + </references> + <dates> + <discovery>2022-11-08</discovery> + <entry>2022-11-09</entry> + </dates> + </vuln> + + <vuln vid="b10d1afa-6087-11ed-8c5e-641c67a117d8"> + <topic>varnish -- Request Smuggling Vulnerability</topic> + <affects> + <package> + <name>varnish7</name> + <range><lt>7.2.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Varnish Cache Project reports:</p> + <blockquote cite="https://varnish-cache.org/security/VSV00010.html">; + <p>A request smuggling attack can be performed on Varnish Cache servers by + requesting that certain headers are made hop-by-hop, preventing the + Varnish Cache servers from forwarding critical headers to the backend. + Among the headers that can be filtered this way are both Content-Length + and Host, making it possible for an attacker to both break the HTTP/1 + protocol framing, and bypass request to host routing in VCL.</p> + </blockquote> + </body> + </description> + <references> + <url>https://varnish-cache.org/security/VSV00010.html</url>; + </references> + <dates> + <discovery>2022-11-08</discovery> + <entry>2022-11-09</entry> + </dates> + </vuln> + <vuln vid="6b04476f-601c-11ed-92ce-3065ec8fd3ec"> <topic>chromium -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202211100008.2AA08GLR067956>