Update Info


Security update for varnish

Type: security
Severity: moderate
Issued: 2019-09-30
This update for varnish fixes the following issues:

Security issue fixed:

- CVE-2019-15892: Fixed a potential denial of service by sending crafted HTTP/1 requests (boo#1149382).

Non-security issues fixed:
- Updated the package to release 6.2.1.
- Added a thread pool watchdog which will restart the worker process if scheduling tasks onto worker threads appears stuck. The new parameter "thread_pool_watchdog" configures it.
- Disabled error for clobbering, which caused bogus error in varnishtest.

This update was imported from the openSUSE:Leap:15.0:Update update project.



  • varnish-6.2.1-bp151.4.3.1