158 lines
8.7 KiB
XML
158 lines
8.7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
|
|
<DocumentTitle xml:lang="en">An update for trafficserver is now available for openEuler-24.03-LTS</DocumentTitle>
|
|
<DocumentType>Security Advisory</DocumentType>
|
|
<DocumentPublisher Type="Vendor">
|
|
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
|
|
<IssuingAuthority>openEuler security committee</IssuingAuthority>
|
|
</DocumentPublisher>
|
|
<DocumentTracking>
|
|
<Identification>
|
|
<ID>openEuler-SA-2024-1955</ID>
|
|
</Identification>
|
|
<Status>Final</Status>
|
|
<Version>1.0</Version>
|
|
<RevisionHistory>
|
|
<Revision>
|
|
<Number>1.0</Number>
|
|
<Date>2024-08-09</Date>
|
|
<Description>Initial</Description>
|
|
</Revision>
|
|
</RevisionHistory>
|
|
<InitialReleaseDate>2024-08-09</InitialReleaseDate>
|
|
<CurrentReleaseDate>2024-08-09</CurrentReleaseDate>
|
|
<Generator>
|
|
<Engine>openEuler SA Tool V1.0</Engine>
|
|
<Date>2024-08-09</Date>
|
|
</Generator>
|
|
</DocumentTracking>
|
|
<DocumentNotes>
|
|
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">trafficserver security update</Note>
|
|
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for trafficserver is now available for openEuler-24.03-LTS</Note>
|
|
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache.
|
|
|
|
Security Fix(es):
|
|
|
|
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.
|
|
|
|
This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.
|
|
|
|
Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.(CVE-2023-38522)
|
|
|
|
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.
|
|
|
|
This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.
|
|
|
|
Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section.
|
|
Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.(CVE-2024-35161)</Note>
|
|
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for trafficserver is now available for openEuler-24.03-LTS.
|
|
|
|
openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
|
|
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">Critical</Note>
|
|
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">trafficserver</Note>
|
|
</DocumentNotes>
|
|
<DocumentReferences>
|
|
<Reference Type="Self">
|
|
<URL>https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1955</URL>
|
|
</Reference>
|
|
<Reference Type="openEuler CVE">
|
|
<URL>https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-38522</URL>
|
|
<URL>https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-35161</URL>
|
|
</Reference>
|
|
<Reference Type="Other">
|
|
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-38522</URL>
|
|
<URL>https://nvd.nist.gov/vuln/detail/CVE-2024-35161</URL>
|
|
</Reference>
|
|
</DocumentReferences>
|
|
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
|
|
<Branch Type="Product Name" Name="openEuler">
|
|
<FullProductName ProductID="openEuler-24.03-LTS" CPE="cpe:/a:openEuler:openEuler:24.03-LTS">openEuler-24.03-LTS</FullProductName>
|
|
</Branch>
|
|
<Branch Type="Package Arch" Name="aarch64">
|
|
<FullProductName ProductID="trafficserver-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-9.2.5-1.oe2403.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-debuginfo-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-debuginfo-9.2.5-1.oe2403.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-debugsource-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-debugsource-9.2.5-1.oe2403.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-devel-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-devel-9.2.5-1.oe2403.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-perl-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-perl-9.2.5-1.oe2403.aarch64.rpm</FullProductName>
|
|
</Branch>
|
|
<Branch Type="Package Arch" Name="src">
|
|
<FullProductName ProductID="trafficserver-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-9.2.5-1.oe2403.src.rpm</FullProductName>
|
|
</Branch>
|
|
<Branch Type="Package Arch" Name="x86_64">
|
|
<FullProductName ProductID="trafficserver-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-9.2.5-1.oe2403.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-debuginfo-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-debuginfo-9.2.5-1.oe2403.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-debugsource-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-debugsource-9.2.5-1.oe2403.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-devel-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-devel-9.2.5-1.oe2403.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="trafficserver-perl-9.2.5-1" CPE="cpe:/a:openEuler:openEuler:24.03-LTS" EPOL="true">trafficserver-perl-9.2.5-1.oe2403.x86_64.rpm</FullProductName>
|
|
</Branch>
|
|
</ProductTree>
|
|
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
|
|
<Notes>
|
|
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.
|
|
|
|
This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.
|
|
|
|
Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.</Note>
|
|
</Notes>
|
|
<ReleaseDate>2024-08-09</ReleaseDate>
|
|
<CVE>CVE-2023-38522</CVE>
|
|
<ProductStatuses>
|
|
<Status Type="Fixed">
|
|
<ProductID>openEuler-24.03-LTS</ProductID>
|
|
</Status>
|
|
</ProductStatuses>
|
|
<Threats>
|
|
<Threat Type="Impact">
|
|
<Description>High</Description>
|
|
</Threat>
|
|
</Threats>
|
|
<CVSSScoreSets>
|
|
<ScoreSet>
|
|
<BaseScore>7.5</BaseScore>
|
|
<Vector>AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N</Vector>
|
|
</ScoreSet>
|
|
</CVSSScoreSets>
|
|
<Remediations>
|
|
<Remediation Type="Vendor Fix">
|
|
<Description>trafficserver security update</Description>
|
|
<DATE>2024-08-09</DATE>
|
|
<URL>https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1955</URL>
|
|
</Remediation>
|
|
</Remediations>
|
|
</Vulnerability>
|
|
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
|
|
<Notes>
|
|
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.
|
|
|
|
This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.
|
|
|
|
Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section.
|
|
Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.</Note>
|
|
</Notes>
|
|
<ReleaseDate>2024-08-09</ReleaseDate>
|
|
<CVE>CVE-2024-35161</CVE>
|
|
<ProductStatuses>
|
|
<Status Type="Fixed">
|
|
<ProductID>openEuler-24.03-LTS</ProductID>
|
|
</Status>
|
|
</ProductStatuses>
|
|
<Threats>
|
|
<Threat Type="Impact">
|
|
<Description>Critical</Description>
|
|
</Threat>
|
|
</Threats>
|
|
<CVSSScoreSets>
|
|
<ScoreSet>
|
|
<BaseScore>9.1</BaseScore>
|
|
<Vector>AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N</Vector>
|
|
</ScoreSet>
|
|
</CVSSScoreSets>
|
|
<Remediations>
|
|
<Remediation Type="Vendor Fix">
|
|
<Description>trafficserver security update</Description>
|
|
<DATE>2024-08-09</DATE>
|
|
<URL>https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1955</URL>
|
|
</Remediation>
|
|
</Remediations>
|
|
</Vulnerability>
|
|
</cvrfdoc> |