Univention Bugzilla – Bug 45157
varnish: Denial of Service (4.2)
Last modified: 2018-05-08 14:56:28 CEST
Upstream Debian package version 4.0.2-1+deb8u1 fixes: A denial of service vulnerability was discovered in Varnish, a state of the art, high-performance web accelerator. Specially crafted HTTP requests can cause the Varnish daemon to assert and restart, clearing the cache in the process (No CVE yet)
More detail: * An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the varnishd worker process to abort and restart, losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack. The specific source-code filename containing the incorrect statement varies across releases. (CVE-2017-12425)
Mass-import from Debian-Security: python -m univention.repong.^Cbmirror -s jessie -r 4.2-3 --override=$HOME/REPOS/repo-ng/mirror/update_ucs42_mirror_from_debian.yml --errata=doc/errata --sql --process=ALL -vvvv --now=201801211553 YAML: git:bd6159834a..449aa5a7cf
--- mirror/ftp/4.2/unmaintained/4.2-0/source/varnish_4.0.2-1.dsc +++ apt/ucs_4.2-0-errata4.2-3/source/varnish_4.0.2-1+deb8u1.dsc @@ -1,3 +1,10 @@ +4.0.2-1+deb8u1 [Mon, 31 Jul 2017 20:30:41 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * Correctly handle bogusly large chunk sizes. + This fixes a denial of service attack vector where bogusly large chunk + sizes in requests could be used to force restarts of the Varnish server. + 4.0.2-1 [Tue, 14 Oct 2014 22:53:05 +0200] Stig Sandbeck Mathisen <ssm@debian.org>: * use /run instead of /var/run in sysv init scripts (Closes: #708975)
* No UCS specific patches * Comparison to previously shipped version ok * Binary package update Ok * Advisory Ok
<http://errata.software-univention.de/ucs/4.2/411.html>