Your message dated Sat, 05 Mar 2022 13:17:08 +0000 with message-id <e1nquhu-000crz...@fasolo.debian.org> and subject line Bug#991040: fixed in varnish 6.5.1-1+deb11u1 has caused the Debian Bug report #991040, regarding varnish: CVE-2021-36740: VSV00007 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991040: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991040 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: varnish Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> https://varnish-cache.org/security/VSV00007.html Patches: https://github.com/varnishcache/varnish-cache/commit/9be22198e258d0e7a5c41f4291792214a29405cf (6.0) https://github.com/varnishcache/varnish-cache/commit/82b0a629f60136e76112c6f2c6372cce77b683be (6.5) Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: varnish Source-Version: 6.5.1-1+deb11u1 Done: Florian Weimer <f...@deneb.enyo.de> We believe that the bug you reported is fixed in the latest version of varnish, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 991...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Florian Weimer <f...@deneb.enyo.de> (supplier of updated varnish package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 26 Dec 2021 18:49:24 +0100 Source: varnish Architecture: source Version: 6.5.1-1+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: Varnish Package Maintainers <team+varnish-t...@tracker.debian.org> Changed-By: Florian Weimer <f...@deneb.enyo.de> Closes: 991040 Changes: varnish (6.5.1-1+deb11u1) bullseye-security; urgency=medium . * Apply upstream patches to fix VSV00007: Varnish HTTP/2 Request Smuggling Attack (CVE-2021-36740). (Closes: #991040) Checksums-Sha1: 9c87e415e09431198a3899a08a796de84f8915fa 2098 varnish_6.5.1-1+deb11u1.dsc 19bcd81ca8528b66a26172c36fb0963d30a7d0f5 3460024 varnish_6.5.1.orig.tar.gz 24b180dce810f8c676482de9794fb2cf1d53afa4 25876 varnish_6.5.1-1+deb11u1.debian.tar.xz bb27eca3eb50618ab1b58253f311f753722d17ee 9781 varnish_6.5.1-1+deb11u1_amd64.buildinfo Checksums-Sha256: e8aaa272aaa78a303e6fd84948d253cb6f8ce861b3d84a0c08e0d7eb6d04a69d 2098 varnish_6.5.1-1+deb11u1.dsc 11964c688f9852237c99c1e327d54dc487549ddb5f0f5aa7996e521333d7cdb5 3460024 varnish_6.5.1.orig.tar.gz 5f044ac8e8e282fee44c1dadcc894e5ab8dd9b6b391aafb929b5bf280d40b98e 25876 varnish_6.5.1-1+deb11u1.debian.tar.xz 87898226d2cc3f4f2dd8fd37fec2846d8ec3edbb059162b7de97e5c0df261f5f 9781 varnish_6.5.1-1+deb11u1_amd64.buildinfo Files: d6fd8c4763f0f2a8762bd5d6c1b4119f 2098 web optional varnish_6.5.1-1+deb11u1.dsc 09304038cb3bb744a7c1742c8de848a1 3460024 web optional varnish_6.5.1.orig.tar.gz 98bfd14a66b59926f92323d50618fc43 25876 web optional varnish_6.5.1-1+deb11u1.debian.tar.xz 63f91ce156163295d7a6ddfc748d9f70 9781 web optional varnish_6.5.1-1+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEyNPZz/qecFY/MvpUv3v/BALVJL4FAmHIuJwACgkQv3v/BALV JL4J4gf+ISbytwzOyxSnLOhcCS0SK/Si0KeIChr6h1E7qvhe+DZHgCb6K2R4aa7z DS3v9Ym1RdUyQxfDBHQoCvIXiXbxOM0TH57Q1ou9CJd37jMj0unS73rsu1bFdBsh epQGAQCcuH5lC1uK7x7HtBXuna3HcvX2Pmdut9vcZt08zN+DMwGDhrgaugQRJ2yS 4PmlrP3TxXucVLYUUGhGFbyByx5rHPkC1gKoC2Dv16rxSRrRoI+nk8vTA0yTE+YU zP7tG3vQ+IX/QrfFDLbXjNbpdgCZwAyfqTsoPCVeg0Dgv3h6QYxH0Fp8SeLEcRbk ZymIWIEdfBOCDhOF1Nax4eRQBlZSKg== =p9Im -----END PGP SIGNATURE-----
--- End Message ---
