Update Info

openSUSE-2022-10198

Security update for varnish

Type: security
Severity: important
Issued: 2022-11-11
Description:
This update for varnish fixes the following issues:

Update to 7.2.1:

- CVE-2022-45059: Fixed a HTTP request smuggling via hop-by-hop headers (boo#1205243).
- CVE-2022-45060: Fixed a HTTP request forgery via character injection through HTTP/2 pseudo-headers (boo#1205242).

References

Packages

  • varnish-7.2.1-bp154.2.9.1