Received: by mail.netbsd.org (Postfix, from userid 605) id 1AF0184DB2; Sun, 4 Sep 2022 12:04:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 53ECA84D2F for ; Sun, 4 Sep 2022 12:04:03 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id gtEnlbKyf7vT for ; Sun, 4 Sep 2022 12:04:02 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id C278184CEE for ; Sun, 4 Sep 2022 12:04:02 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id BC2D8FA8D; Sun, 4 Sep 2022 12:04:02 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1662293042155840" MIME-Version: 1.0 Date: Sun, 4 Sep 2022 12:04:02 +0000 From: "Tobias Nygren" Subject: CVS commit: pkgsrc/www/varnish To: pkgsrc-changes@NetBSD.org Reply-To: tnn@netbsd.org X-Mailer: log_accum Message-Id: <20220904120402.BC2D8FA8D@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1662293042155840 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: tnn Date: Sun Sep 4 12:04:02 UTC 2022 Modified Files: pkgsrc/www/varnish: Makefile distinfo Log Message: varnish: update to 7.1.1 Fixes CVE-2022-38150 VSV00009 In order to execute an attack, the attacker would have to be able to influence the HTTP/1 responses that the Varnish Server receives from its configured backends. A successful attack would cause the Varnish Server to assert and automatically restart. To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 pkgsrc/www/varnish/Makefile cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/varnish/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1662293042155840 Content-Disposition: inline Content-Length: 1731 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/www/varnish/Makefile diff -u pkgsrc/www/varnish/Makefile:1.37 pkgsrc/www/varnish/Makefile:1.38 --- pkgsrc/www/varnish/Makefile:1.37 Fri Jul 8 22:07:33 2022 +++ pkgsrc/www/varnish/Makefile Sun Sep 4 12:04:02 2022 @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.37 2022/07/08 22:07:33 wiz Exp $ +# $NetBSD: Makefile,v 1.38 2022/09/04 12:04:02 tnn Exp $ -DISTNAME= varnish-7.1.0 -PKGREVISION= 1 +DISTNAME= varnish-7.1.1 CATEGORIES= www MASTER_SITES= https://varnish-cache.org/_downloads/ EXTRACT_SUFX= .tgz Index: pkgsrc/www/varnish/distinfo diff -u pkgsrc/www/varnish/distinfo:1.21 pkgsrc/www/varnish/distinfo:1.22 --- pkgsrc/www/varnish/distinfo:1.21 Tue Apr 12 22:13:36 2022 +++ pkgsrc/www/varnish/distinfo Sun Sep 4 12:04:02 2022 @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.21 2022/04/12 22:13:36 tnn Exp $ +$NetBSD: distinfo,v 1.22 2022/09/04 12:04:02 tnn Exp $ -BLAKE2s (varnish-7.1.0.tgz) = aa4656da7e2b3d63c551ec7ccee402f813ed13bb2cf43e65a031505acd52a847 -SHA512 (varnish-7.1.0.tgz) = ad9ce0cdc759976fcb7044914d28863edd197167f583fab2d1bc57f4e5b86c224b7c948faf1f7364a2a16bde9c415375d011462bdc43026c5f7a60e65bd21f73 -Size (varnish-7.1.0.tgz) = 3787588 bytes +BLAKE2s (varnish-7.1.1.tgz) = 8d3904c1f7d0b20a924563dc84a039749401e7584a15814a68640968ce40486d +SHA512 (varnish-7.1.1.tgz) = 7c3c081bd37c63b429337a25ebc0c14d780b0c4fd235d18b9ac1004e0bb2f65e70664c5bd25c5d941deeb6bc078f344fa2629cf0d641a0149fe29dcfa07ffcd2 +Size (varnish-7.1.1.tgz) = 3742869 bytes SHA1 (patch-bin_varnishd_cache_cache__panic.c) = cf2b9c1f2c3ba15c7e20baca3c9af607a3e1fa82 SHA1 (patch-etc_Makefile.in) = f4407cad5f9f6c6402ab3b7fce0e1577d70b36be SHA1 (patch-include_tbl_params.h) = 7a52ef6a98ec29409c7284876adffdb5c53facff --_----------=_1662293042155840--