--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-dcbfbf1396
2023-08-18 01:58:38.704443
--------------------------------------------------------------------------------

Name        : trafficserver
Product     : Fedora 38
Version     : 9.2.2
Release     : 1.fc38
URL         : https://trafficserver.apache.org/
Summary     : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
Description :
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications.  Key features:

Caching - Improve your response time, while reducing server load and
bandwidth needs by caching and reusing frequently-requested web pages,
images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content
requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands
of requests per second.

Extensible - APIs to write your own plug-ins to do anything from
modifying HTTP headers to handling ESI requests to writing your own
cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and
reverse proxies, Apache Traffic Server is battle hardened.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 9.2.2.  Changes with Apache Traffic Server 9.2.2   #9544 -
Docs: format typos in header_rewrite doc   #9754 - Fix OCSP detection during
build (9.2.x)   #9829 - Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header
rewrite   #9831 - Allow slice plugin to purge requests   #9840 - Fix crash on
config reload with BoringSSL   #9877 - Do not add content-length for status 204
cache   #9879 - doc: fix the internal libraries section formatting   #9886 - Fix
deprecated set_class for documentation build   #9943 - Add yaml libs reference
to HTTP proxy test suite.   #9944 - Fix clang-format for 9.2.x branch   #9952 -
92x autest updates   #9959 - 9.2.x: OpenSSL 3.0 tls autest updates (#9947)
#9971 - Update to autest version 1.10.3   #9976 - fix: require
RSRC_CLIENT_REQUEST_HEADERS in ConditionMethod   #9989 - Do not set @SECLEVEL
with boringssl   #10038 - LSan: Fix leaks of Cache Unit Test   #10054 - Demote
SSL log line to debug and remove key printing   #10093 - tools/check-unused-
dependencies:  make exceptions for tools under clang+asan   #10103 - autest
get_port: update to use psutil   #10105 - Update autest to the latest 1.10.4
#10107 - Fix ports.py type hint for sets on older Python   #10124 - Fix DbgCtl
reference that got cherry-picked into 9.2.x   #10125 - Remove duplicate slashes
at the beginning of the incoming URL   #10127 - 9.2.x: Correctly handle encoding
for cache hash generation   #10131 - 9.2.x: Fix a crash triggered by invalid
range header
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  9 2023 Jered Floyd  9.2.2-1
- Update to upstream 9.2.2
* Sat Jul 22 2023 Fedora Release Engineering  - 9.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2228525 - trafficserver-9.2.2-rc0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2228525
  [ 2 ] Bug #2231467 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2231467
  [ 3 ] Bug #2231468 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2231468
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-dcbfbf1396' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://id.fedoraproject.org/login/gssapi/negotiate

Fedora 38: trafficserver 2023-dcbfbf1396

August 18, 2023
Update to upstream 9.2.2

Summary

Traffic Server is a high-performance building block for cloud services.

It's more than just a caching proxy server; it also has support for

plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and

bandwidth needs by caching and reusing frequently-requested web pages,

images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content

requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands

of requests per second.

Extensible - APIs to write your own plug-ins to do anything from

modifying HTTP headers to handling ESI requests to writing your own

cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and

reverse proxies, Apache Traffic Server is battle hardened.

Update Information:

Update to upstream 9.2.2. Changes with Apache Traffic Server 9.2.2 #9544 - Docs: format typos in header_rewrite doc #9754 - Fix OCSP detection during build (9.2.x) #9829 - Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header rewrite #9831 - Allow slice plugin to purge requests #9840 - Fix crash on config reload with BoringSSL #9877 - Do not add content-length for status 204 cache #9879 - doc: fix the internal libraries section formatting #9886 - Fix deprecated set_class for documentation build #9943 - Add yaml libs reference to HTTP proxy test suite. #9944 - Fix clang-format for 9.2.x branch #9952 - 92x autest updates #9959 - 9.2.x: OpenSSL 3.0 tls autest updates (#9947) #9971 - Update to autest version 1.10.3 #9976 - fix: require RSRC_CLIENT_REQUEST_HEADERS in ConditionMethod #9989 - Do not set @SECLEVEL with boringssl #10038 - LSan: Fix leaks of Cache Unit Test #10054 - Demote SSL log line to debug and remove key printing #10093 - tool...

Change Log

* Wed Aug 9 2023 Jered Floyd 9.2.2-1 - Update to upstream 9.2.2 * Sat Jul 22 2023 Fedora Release Engineering - 9.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References

[ 1 ] Bug #2228525 - trafficserver-9.2.2-rc0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2228525 [ 2 ] Bug #2231467 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2231467 [ 3 ] Bug #2231468 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2231468

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-dcbfbf1396' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : trafficserver
Product : Fedora 38
Version : 9.2.2
Release : 1.fc38
URL : https://trafficserver.apache.org/
Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved