Forum: Too Lazy BBS

Who's Online

System Info

Sysop:	Amessyroom
Location:	Fayetteville, NC
Users:	40
Nodes:	6 (0 / 6)
Uptime:	18:40:56
Calls:	291
Files:	910
Messages:	76,604
Posted today:	1

Accepted trafficserver 9.2.5+ds-0+deb12u1 (source) into proposed-update

From Debian FTP Masters@21:1/5 to All on Sat Aug 31 23:20:01 2024

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 23 Aug 2024 20:20:06 +0200
Source: trafficserver
Architecture: source
Version: 9.2.5+ds-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Jean Baptiste Favre <debian@jbfavre.org>
Changed-By: Jean Baptiste Favre <debian@jbfavre.org>
Closes: 1077141
Changes:
trafficserver (9.2.5+ds-0+deb12u1) bookworm-security; urgency=medium
.
* New upstream version 9.2.5+ds
* CVEs fix (Closes: #1077141)
- CVE-2023-38522: Incomplete field name check allows request smuggling
- CVE-2024-35161: Incomplete check for chunked trailer section allows
request smuggling
- CVE-2024-35296: Invalid Accept-Encoding can force forwarding requests Checksums-Sha1:
69eeda30b5db02ded31fe82eb144330fae6a3791 3024 trafficserver_9.2.5+ds-0+deb12u1.dsc
75948d26ccb5b53362b90a23ee6716d98ec02f9d 8952536 trafficserver_9.2.5+ds.orig.tar.xz
dd2d2126f20055f1d2e5c613a92aba0354e8b80e 36044 trafficserver_9.2.5+ds-0+deb12u1.debian.tar.xz
8b198469dc81a244998112dc6b6f4c2e020876f1 12886 trafficserver_9.2.5+ds-0+deb12u1_source.buildinfo
Checksums-Sha256:
da998419192c8c3b8f3020afac45c4cb4bdd1ae240ad0352ed383576f9bff81b 3024 trafficserver_9.2.5+ds-0+deb12u1.dsc
dbf4de96e1c5077bc2148ef065bd271ab6d73d71285a7568c60ae59e900692bd 8952536 trafficserver_9.2.5+ds.orig.tar.xz
73237b307284aac2672477d99800d611a1b956c0335006b0d6d7b3519dc37b4d 36044 trafficserver_9.2.5+ds-0+deb12u1.debian.tar.xz
fb49c188b3f36a4a6469cd6c9a19c610c1241482389f0eac3239f7a4d0873272 12886 trafficserver_9.2.5+ds-0+deb12u1_source.buildinfo
Files:
c7a84cf58741edb165f9c7a38d6b6b08 3024 web optional trafficserver_9.2.5+ds-0+deb12u1.dsc
b4dd8ce30023f3a0629fe44668c1c2d9 8952536 web optional trafficserver_9.2.5+ds.orig.tar.xz
27e8211d6b46c83ee6176ef7645e0747 36044 web optional trafficserver_9.2.5+ds-0+deb12u1.debian.tar.xz
bfa9e50d2a36dd31c2f87526bca64211 12886 web optional trafficserver_9.2.5+ds-0+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEToRbojDLTUSJBphHtN1Tas99hzcFAmbI9ahfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRF ODQ1QkEyMzBDQjRENDQ4OTA2OTg0N0I0REQ1MzZBQ0Y3RDg3MzcACgkQtN1Tas99 hzfg2xAAheBy9g0hD8zMWEx/tOXZnVD7H0PgYp4bh0mPZnHgr3tD3JkFGDq3bnha D8H++dQdetfoieZLj6IJ+SbAHGvoRAB+IJP0EX/szIsEYTPdXJgFLyEMmWo+Ry3N KtgiCjkHKxGl/uQlVug6Ok7d1KADXoQVXSqBXZ+88B5fiNOJGVd4Qn6ah+ytexwx qqDcKhO2/dVWH5Oy07UJW+YvQNl/s7n84415/lwYbG5DSOEDnerO1oMvm7hIXlSS nhvcxmR2awDMV6aq+xN+smcePUqJRPm+CYcmGvI0gNMdBUGYXM/gphfJ8rltl4uE oJtFWaFL+Ap36YjIBDTQB+0D4i0D1pbLyuibTkfEt/HQ6MFClb7pkpVEk81MMbzS 2OSe4Y8Vc/lxEVknpvSiR7qqkYnrnjxFfgdx9h6R87TygYn231gvzqVFlxL7NDmr G8qtoG6uRXZ/I6Kr/4i4U9AtQGheloVn5sCss0hGo8embenND7nIQ66sQeeicP/r lgtKs+sRb7fnxBGd6MWkJKNNHf0ILBz8Ewmyhq3of8TU/iG3VqbRT4OA5HhD9ubZ xvWDhcTQIYuYRAooeS2Pgk2qK+i+7ZDN7Lmv4lwFHgZ133398DlxgYsA+uDaHEjw Lom9Ig8DWyA2HqFw+yu0TuUija5cocuNcikjeVoSLuRTmDB7hy8=
=8L/P
-----END PGP SIGNATURE-----

--==============¶56993293457443023=Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZtOIagAKCRCb9qggYcy5 IZlVAQDztf5cbFAVvuo0LJ1v876HhZpE1JQ5lCaWW16/jmn8EgEA7P7cZ+Vs5Hoi 9XtkmM6K0scXAEObnVlMOPPEzn6VpQE=3vnI
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online

System Info

Accepted trafficserver 9.2.5+ds-0+deb12u1 (source) into proposed-update