Resolved Bugs
1200034 – varnish: heap-based buffer overflow in backend server HTTP response parsing
1200036 – varnish: heap-based buffer overflow in backend server HTTP response parsing [epel-all]<br
This update fixes a bug trigged by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread.
New upstream release. A bugfix release.
Highlights from the changelog:
* 26 reported bugs fixed.
* Replaced objects are now expired immediately, instead of kept around until expiry.
* Memory usage on chunked backend responses is lower
Fore a detailed list of changes, please see the project’s announcement at https://www.varnish-cache.org/content/varnish-cache-403