Red Hat Product Errata RHSA-2024:2820 - Security Advisory
Issued:
2024-05-13
Updated:
2024-05-13

RHSA-2024:2820 - Security Advisory

Synopsis

Important: varnish security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for varnish is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.

Security Fix(es):

  • varnish: HTTP/2 Broken Window Attack may result in denial of service (CVE-2024-30156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2271486 - CVE-2024-30156 varnish: HTTP/2 Broken Window Attack may result in denial of service

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
x86_64
varnish-6.6.2-3.el9_2.2.i686.rpm SHA-256: 0910b8aa03a9c99e031069a3446f54aa2a8954014d78a8f6b80f2244827307e9
varnish-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: 493021df5b0a9914dedfe06cdc16bb64471c2c123224b8a34f391460da513db8
varnish-docs-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: c1fcabc350bc6a5104d466cf87fed2e0d78584b185783502b665e3cb36335051

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
x86_64
varnish-6.6.2-3.el9_2.2.i686.rpm SHA-256: 0910b8aa03a9c99e031069a3446f54aa2a8954014d78a8f6b80f2244827307e9
varnish-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: 493021df5b0a9914dedfe06cdc16bb64471c2c123224b8a34f391460da513db8
varnish-docs-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: c1fcabc350bc6a5104d466cf87fed2e0d78584b185783502b665e3cb36335051

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
s390x
varnish-6.6.2-3.el9_2.2.s390x.rpm SHA-256: 838b038948039d6e30b4277858d3259a526b2a9ae036560162ddb12aa3f9d135
varnish-docs-6.6.2-3.el9_2.2.s390x.rpm SHA-256: 4907ca5d40b94f3526dd5c717f3f74ca5fde037cd466f94920fd3ead90f88c2c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
ppc64le
varnish-6.6.2-3.el9_2.2.ppc64le.rpm SHA-256: edb347f22cc344c7b397f997d732a89bb35717ab5653be0c0a95fcca1172f339
varnish-docs-6.6.2-3.el9_2.2.ppc64le.rpm SHA-256: b2cd034a5a016d65c4045e0e148ad589e906cf1ffaed70c41c47348436a43112

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
aarch64
varnish-6.6.2-3.el9_2.2.aarch64.rpm SHA-256: ac8c15c33f8ea9bc7ed10a63054b77f4188283ee650f8b8d18289133dca0f5d0
varnish-docs-6.6.2-3.el9_2.2.aarch64.rpm SHA-256: 65afd34879563d1ee2864aaf90f81bbf9620b7011c0a960bb6997f75d259fe86

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
ppc64le
varnish-6.6.2-3.el9_2.2.ppc64le.rpm SHA-256: edb347f22cc344c7b397f997d732a89bb35717ab5653be0c0a95fcca1172f339
varnish-docs-6.6.2-3.el9_2.2.ppc64le.rpm SHA-256: b2cd034a5a016d65c4045e0e148ad589e906cf1ffaed70c41c47348436a43112

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
x86_64
varnish-6.6.2-3.el9_2.2.i686.rpm SHA-256: 0910b8aa03a9c99e031069a3446f54aa2a8954014d78a8f6b80f2244827307e9
varnish-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: 493021df5b0a9914dedfe06cdc16bb64471c2c123224b8a34f391460da513db8
varnish-docs-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: c1fcabc350bc6a5104d466cf87fed2e0d78584b185783502b665e3cb36335051

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2

SRPM
x86_64
varnish-devel-6.6.2-3.el9_2.2.i686.rpm SHA-256: 84d438a3f166214cbb024af71afb6850ca1a0f790d9036dfcfd67a5ab68007ff
varnish-devel-6.6.2-3.el9_2.2.x86_64.rpm SHA-256: f3b96a0cbbcf3d3c0ff8771ab341343dc169ec12e7e4647b3d33e73aee53ffed

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2

SRPM
ppc64le
varnish-devel-6.6.2-3.el9_2.2.ppc64le.rpm SHA-256: 9c8d6c20359522068ca143975d2ed1d0fd9214af87995c3c6bca38d6a80d1528

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2

SRPM
s390x
varnish-devel-6.6.2-3.el9_2.2.s390x.rpm SHA-256: 27f7555e7a85de5a581f39c4c448cd3883171e29feaf24451dc482b37e8a057b

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2

SRPM
aarch64
varnish-devel-6.6.2-3.el9_2.2.aarch64.rpm SHA-256: 25fb9ac08638df64ccf2afd07f95c71d6c138d1fc15d941b9048352fa3af4056

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
aarch64
varnish-6.6.2-3.el9_2.2.aarch64.rpm SHA-256: ac8c15c33f8ea9bc7ed10a63054b77f4188283ee650f8b8d18289133dca0f5d0
varnish-docs-6.6.2-3.el9_2.2.aarch64.rpm SHA-256: 65afd34879563d1ee2864aaf90f81bbf9620b7011c0a960bb6997f75d259fe86

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
varnish-6.6.2-3.el9_2.2.src.rpm SHA-256: 9797ac7f1de34db7c14f6825a96330d028d33f079771439e896a955d3a246c0a
s390x
varnish-6.6.2-3.el9_2.2.s390x.rpm SHA-256: 838b038948039d6e30b4277858d3259a526b2a9ae036560162ddb12aa3f9d135
varnish-docs-6.6.2-3.el9_2.2.s390x.rpm SHA-256: 4907ca5d40b94f3526dd5c717f3f74ca5fde037cd466f94920fd3ead90f88c2c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.