1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2023-54fadada12

[FEDORA-2023-54fadada12] Fedora 37: trafficserver

Severity High
Affected Packages 1
CVEs 3
Info Packages References Vulnerabilities

Update to upstream 9.2.3 Resolves CVE-2023-44487, CVE-2023-41752, CVE-2023-39456

Package Affected Version
pkg:rpm/fedora/trafficserver?distro=fedora-37 < 9.2.3.1.fc37
ID
FEDORA-2023-54fadada12
Severity
high
Severity from
CVE-2023-44487
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2023-54fadada12
Published
2023-10-20T01:08:16
(11 months ago)
Modified
2023-10-20T01:08:16
(11 months ago)
Rights
Copyright 2023 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2245142 Bug #2245142 - CVE-2023-41752 trafficserver: possible exposure of sensitive information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2245142
Bugzilla 2245141 Bug #2245141 - CVE-2023-41752 trafficserver: possible exposure of sensitive information [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2245141
Bugzilla 2242988 Bug #2242988 - trafficserver-9.2.3-rc0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2242988
Bugzilla 2243252 Bug #2243252 - [Major Incident] CVE-2023-44487 trafficserver: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2243252
Bugzilla 2245107 Bug #2245107 - CVE-2023-39456 trafficserver: improper input validation vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2245107
Bugzilla 2243251 Bug #2243251 - [Major Incident] CVE-2023-44487 trafficserver: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2243251
Bugzilla 2245110 Bug #2245110 - CVE-2023-39456 trafficserver: improper input validation vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2245110
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/trafficserver?distro=fedora-37 fedora trafficserver < 9.2.3.1.fc37 fedora-37
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date