Package: varnish Severity: normal Hello!
There is a new vendor-announcement regarding a request smuggling attack - this time affects HTTP/1 connections. It's apparently affecting all versions >= Stretch.
https://varnish-cache.org/security/VSV00008.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23959 Best Regards, Andreas
