2017

News archive of the year 2017

Security Advisory: (Unlikely) data leak

2017-11-15

Certain uncommon configurations of Varnish may leak data in synthetic responses from vcl_backend_error{}

Please see VSV00002 Data leak - ‘-sfile’ Stevedore transient objects

We have released Varnish Varnish Cache 4.1.9 and Varnish Cache 5.2.1 to fix this issue.

Varnish 5.2.0 is released

2017-09-15

Come and get it… Varnish Cache 5.2.0

Security Advisory: Denial of Service

2017-08-02

All varnish versions from 4.0.1 are vulnerable to a Denial of Service attack, please see VSV00001 DoS vulnerability

Security releases: 4.0.5, 4.1.8 and 5.1.3

2017-08-02

Varnish versions 4.0.5, 4.1.8 and 5.1.3 are now available. See VSV00001 DoS vulnerability for details.