Lucene search
SuseOPENSUSE-SU-2020:0819-1HistoryJun 16, 2020 - 12:00 a.m.
Security update for varnish (moderate)
2020-06-1600:00:00
lists.opensuse.org
26
EPSS
0.002
Percentile
60.7%
An update that fixes two vulnerabilities is now available.
Description:
This update for varnish fixes the following issues:
- CVE-2019-20637: Fixed an information leak when handling one client
request and the next on the same connection (boo#1169040) - CVE-2020-11653: Fixed a performance loss due to an assertion failure and
daemon restart when communicating with TLS termination proxy that uses
PROXY version 2 (boo#1169039)
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-819=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP1 | aarch64 | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP1 | ppc64le | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
| openSUSE Backports SLE | 15-SP1 | s390x | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
| openSUSE Backports SLE | 15-SP1 | x86_64 | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
Related
nessus
nessus
openSUSE Security Update : varnish (openSUSE-2020-808)
2020-07-20 00:00:00
Oracle Linux 8 : varnish:6 (ELSA-2020-4756)
2020-11-12 00:00:00
RHEL 8 : varnish:6 (RHSA-2020:4756)
2020-11-04 00:00:00
suse
suse
Security update for varnish (moderate)
2020-06-16 00:00:00
openvas
openvas
openSUSE: Security Advisory for varnish (openSUSE-SU-2020:0808-1)
2020-06-17 00:00:00
Ubuntu: Security Advisory (USN-5474-1)
2022-06-09 00:00:00
Ubuntu: Security Advisory (USN-5474-2)
2022-08-26 00:00:00
osv
osv
Moderate: varnish:6 security, bug fix, and enhancement update
2020-11-03 12:33:31
varnish vulnerabilities
2022-06-08 19:20:14
varnish regression
2022-08-23 19:00:19
oraclelinux
oraclelinux
varnish:6 security, bug fix, and enhancement update
2020-11-10 00:00:00
almalinux
almalinux
Moderate: varnish:6 security, bug fix, and enhancement update
2020-11-03 12:33:31
redhat
redhat
rocky
rocky
varnish:6 security, bug fix, and enhancement update
2020-11-03 12:33:31
ubuntu
ubuntu
Varnish Cache vulnerabilities
2022-06-08 00:00:00
Varnish Cache regression
2022-08-23 00:00:00
cvelist
cvelist
CVE-2019-20637
2020-04-08 23:01:30
CVE-2020-11653
2020-04-08 00:00:00
prion
prion
Cross site request forgery (csrf)
2020-04-08 23:15:00
Design/Logic Flaw
2020-04-08 23:15:00
nvd
nvd
CVE-2019-20637
2020-04-08 23:15:12
CVE-2020-11653
2020-04-08 23:15:12
veracode
veracode
Denial Of Service (DoS)
2022-12-10 03:15:38
redhatcve
redhatcve
CVE-2020-11653
2020-04-09 11:03:19
CVE-2019-20637
2020-04-09 11:03:12
cve
cve
CVE-2019-20637
2020-04-08 23:15:12
CVE-2020-11653
2020-04-08 23:15:12
ubuntucve
ubuntucve
CVE-2019-20637
2020-04-08 00:00:00
CVE-2020-11653
2020-04-08 00:00:00
debiancve
debiancve
CVE-2019-20637
2020-04-08 23:15:12
CVE-2020-11653
2020-04-08 23:15:12
debian
debian
[SECURITY] [DLA 3208-1] varnish security update
2022-11-27 22:35:03