Information on source package varnish

Available versions

ReleaseVersion
jessie (security)4.0.2-1+deb8u1
stretch (security)5.0.0-7+deb9u2
buster (security)6.1.1-1+deb10u1
bullseye6.2.1-2
sid6.2.1-2

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2009-4488vulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** Varnish 2.0.6 writes data to a log file without sanitiz ...

Resolved issues

BugDescription
CVE-2019-15892An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x a ...
CVE-2017-8807vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cach ...
CVE-2017-12425An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1 ...
CVE-2015-8852Varnish 3.x before 3.0.7, when used in certain stacked installations, ...
CVE-2013-4484Varnish before 3.0.5 allows remote attackers to cause a denial of serv ...
CVE-2013-0345varnish 3.0.3 uses world-readable permissions for the /var/log/varnish ...
CVE-2009-2936** DISPUTED ** The Command Line Interface (aka Server CLI or administr ...

Security announcements

DSA / DLADescription
DSA-4514-1varnish - security update
DSA-4034-1varnish - security update
DSA-3924-1varnish - security update
DSA-3924-1varnish - security update
DSA-3553-1varnish - security update
DSA-2814-1varnish - denial of service
DSA-2814-1varnish - denial of service

Search for package or bug name: Reporting problems