Release date:
2025-11-17 10:17:29 UTC
Description:
- CVE-2024-30156: fix HTTP/2 flow control vulnerability allowing window credit
exhaustion (Broke Window Attack) causing potential denial of service
- CVE-2025-47905: fix client-side request smuggling via malformed HTTP/1 chunked
requests
Updated packages:
-
varnish-6.6.2-3.el9_2.1.tuxcare.els1.i686.rpm
sha:07917b962ec50795ab80c382839d891dee62412fbb1b1f90e1f6e09b47c5edc8
-
varnish-6.6.2-3.el9_2.1.tuxcare.els1.x86_64.rpm
sha:29644965438ffc183995453eca6b7e85abfa8c7b835e3f061863b0d8786c3a85
-
varnish-devel-6.6.2-3.el9_2.1.tuxcare.els1.i686.rpm
sha:6f8cc46998482b799dc0840f0661b6d7cef16edef874f230299fe8123f5fbab2
-
varnish-devel-6.6.2-3.el9_2.1.tuxcare.els1.x86_64.rpm
sha:e7769177690817bf0c74d07860a1b5cd433fa074e3af9f3e70085c5fd305c494
-
varnish-docs-6.6.2-3.el9_2.1.tuxcare.els1.x86_64.rpm
sha:0672e4fea9bd7db3a0419d8bf40fa348f36dfb297d7b90a307fdfa6ead1fe63f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
