发布：: 2025-06-04
已更新：: 2025-06-04

RHSA-2025:8550 - Security Advisory

概述
更新的软件包

概述

Important: varnish security update

类型/严重性

Security Advisory: Important

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for varnish is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.

Security Fix(es):

varnish: request smuggling attacks (CVE-2025-47905)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat CodeReady Linux Builder for x86_64 10 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

修复

BZ - 2364235 - CVE-2025-47905 varnish: request smuggling attacks

CVE

CVE-2025-47905

参考

https://access.redhat.com/security/updates/classification/#important

注：: 可能有这些软件包的更新版本。点击软件包名称查看详情。

Red Hat Enterprise Linux for x86_64 10

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
x86_64
varnish-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: 2f58ceb51498be7e281372c585ca19541a2da88d55398c8b060a815830d99e6d
varnish-docs-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: 88560a09ec0e1f8988e505e48a8a7aaddb18a79994161e09ee7e53527a60e245

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
x86_64
varnish-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: 2f58ceb51498be7e281372c585ca19541a2da88d55398c8b060a815830d99e6d
varnish-docs-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: 88560a09ec0e1f8988e505e48a8a7aaddb18a79994161e09ee7e53527a60e245

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
s390x
varnish-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: d95d6f9dd84d99320b7f0137c88456c494e1d00d98aafe591cb30bba20ba4fcd
varnish-docs-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: 66ed4aced765cdabbaf34d9c2d210076bfdd826a8c930e124502e9ed85d0e50b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
s390x
varnish-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: d95d6f9dd84d99320b7f0137c88456c494e1d00d98aafe591cb30bba20ba4fcd
varnish-docs-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: 66ed4aced765cdabbaf34d9c2d210076bfdd826a8c930e124502e9ed85d0e50b

Red Hat Enterprise Linux for Power, little endian 10

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
ppc64le
varnish-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 01a67b18c42775d247925da3cb7a2153a635a2ea4fc9193ad2cc26f06d6e4cfe
varnish-docs-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 4cf86729d2c3b7db36d18ca8541ac29b71d32bce826f6677ea53758a4321023f

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
ppc64le
varnish-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 01a67b18c42775d247925da3cb7a2153a635a2ea4fc9193ad2cc26f06d6e4cfe
varnish-docs-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 4cf86729d2c3b7db36d18ca8541ac29b71d32bce826f6677ea53758a4321023f

Red Hat Enterprise Linux for ARM 64 10

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
aarch64
varnish-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: b3acad1c16018960cb3bbfa4d03f9597319ade6984885fb5e536fdc55b843f37
varnish-docs-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: 9e324ea1b8553d7bfb7246bf8e7bf8b657a6a980fcdeef1e5ccc48aed78e7ef1

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
aarch64
varnish-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: b3acad1c16018960cb3bbfa4d03f9597319ade6984885fb5e536fdc55b843f37
varnish-docs-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: 9e324ea1b8553d7bfb7246bf8e7bf8b657a6a980fcdeef1e5ccc48aed78e7ef1

Red Hat CodeReady Linux Builder for x86_64 10

SRPM
x86_64
varnish-devel-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: b3eb0c4ab857a4357bad3798ae8492bbecba554b44c79860823aaeeb817e0402

Red Hat CodeReady Linux Builder for Power, little endian 10

SRPM
ppc64le
varnish-devel-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 5404e96cda938ea7a41a16559ab00352b43c2f4f54fff4f153948955dd1dab10

Red Hat CodeReady Linux Builder for ARM 64 10

SRPM
aarch64
varnish-devel-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: 2b584096a3d24512e18249fb15909f90c0dde600ae0dc8a6c73b87389d5676e4

Red Hat CodeReady Linux Builder for IBM z Systems 10

SRPM
s390x
varnish-devel-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: 7e2d5df0f374a1b2c80a27bd791fab5ea7205a015759f1ecad45bcaa743e181c

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0

SRPM
x86_64
varnish-devel-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: b3eb0c4ab857a4357bad3798ae8492bbecba554b44c79860823aaeeb817e0402

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0

SRPM
ppc64le
varnish-devel-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 5404e96cda938ea7a41a16559ab00352b43c2f4f54fff4f153948955dd1dab10

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0

SRPM
s390x
varnish-devel-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: 7e2d5df0f374a1b2c80a27bd791fab5ea7205a015759f1ecad45bcaa743e181c

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0

SRPM
aarch64
varnish-devel-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: 2b584096a3d24512e18249fb15909f90c0dde600ae0dc8a6c73b87389d5676e4

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
aarch64
varnish-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: b3acad1c16018960cb3bbfa4d03f9597319ade6984885fb5e536fdc55b843f37
varnish-docs-7.6.1-2.el10_0.1.aarch64.rpm	SHA-256: 9e324ea1b8553d7bfb7246bf8e7bf8b657a6a980fcdeef1e5ccc48aed78e7ef1

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
s390x
varnish-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: d95d6f9dd84d99320b7f0137c88456c494e1d00d98aafe591cb30bba20ba4fcd
varnish-docs-7.6.1-2.el10_0.1.s390x.rpm	SHA-256: 66ed4aced765cdabbaf34d9c2d210076bfdd826a8c930e124502e9ed85d0e50b

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
ppc64le
varnish-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 01a67b18c42775d247925da3cb7a2153a635a2ea4fc9193ad2cc26f06d6e4cfe
varnish-docs-7.6.1-2.el10_0.1.ppc64le.rpm	SHA-256: 4cf86729d2c3b7db36d18ca8541ac29b71d32bce826f6677ea53758a4321023f

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
varnish-7.6.1-2.el10_0.1.src.rpm	SHA-256: d3277aa8ab06ce5f8af1321b4473a55df9ea26bc222c5e093e9c505ed3229900
x86_64
varnish-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: 2f58ceb51498be7e281372c585ca19541a2da88d55398c8b060a815830d99e6d
varnish-docs-7.6.1-2.el10_0.1.x86_64.rpm	SHA-256: 88560a09ec0e1f8988e505e48a8a7aaddb18a79994161e09ee7e53527a60e245

Red Hat 安全团队联络方式为 secalert@redhat.com。更多联络细节请参考 https://access.redhat.com/security/team/contact/。