Information on source package trafficserver

Available versions

ReleaseVersion
stretch7.0.0-6+deb9u1
stretch (security)7.0.0-6+deb9u2
buster7.1.4+ds-1
sid8.0.0-1

Resolved issues

BugDescription
CVE-2018-8040Pages that are rendered using the ESI plugin can have access to the ...
CVE-2018-8022A carefully crafted invalid TLS handshake can cause Apache Traffic ...
CVE-2018-8005When there are multiple ranges in a range request, Apache Traffic ...
CVE-2018-8004There are multiple HTTP smuggling and cache poisoning issues when ...
CVE-2018-1318Adding method ACLs in remap.config can cause a segfault when the user ...
CVE-2017-7671There is a DOS attack vulnerability in Apache Traffic Server (ATS) ...
CVE-2017-5660There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and ...
CVE-2017-5659Apache Traffic Server before 6.2.1 generates a coredump when there is ...
CVE-2016-5396Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb ...
CVE-2015-5206Unspecified vulnerability in the HTTP/2 experimental feature in Apache ...
CVE-2015-5168Unspecified vulnerability in the HTTP/2 experimental feature in Apache ...
CVE-2015-3249The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before ...
CVE-2014-3624Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to ...
CVE-2014-3525Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, ...
CVE-2014-10022Apache Traffic Server before 5.1.2 allows remote attackers to cause a ...
CVE-2012-0256Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before ...
CVE-2010-2952Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, ...

Security announcements

DSA / DLADescription
DSA-4282-1trafficserver - security update
DSA-4128-1trafficserver - security update

Search for package or bug name: Reporting problems