varnish-cache:4.0

Last commit made on 2017-08-01
Get this branch:
git clone -b 4.0 https://git.launchpad.net/varnish-cache

Branch merges

Branch information

Name:
4.0
Repository:
lp:varnish-cache

Recent commits

07eff4c... by Pål Hermunn Johansen <email address hidden> on 2017-08-01

Prepare for 4.0.5 release

138015a... by Martin Blix Grydeland <email address hidden> on 2017-07-27

Correctly handle bogusly large chunk sizes

This fixes a denial of service attack vector where bogusly large chunk
sizes in requests could be used to force restarts of the Varnish
server.

This is Varnish Security Vulnerability VSV00001

For more information visit: https://varnish-cache.org/security/VSV00001

Fixes: #2379

386f712... by Pål Hermunn Johansen <email address hidden> on 2016-11-30

Prepare for 4.0.4

8eb622f... by Pål Hermunn Johansen <email address hidden> on 2016-10-24

Update changelog

Add changelog entry for #1879.

25ce7db... by Pål Hermunn Johansen <email address hidden> on 2016-10-24

Prepare for 4.0.4-beta1

e1eb3e5... by Nils Goroll <email address hidden> on 2016-03-03

Fix an off-by-one when setting the first bit exceeding the current bitmap size

When setting bit n (the n+1th bit) of an n-bit vbitmap, we'd miss to
expand the bitmap and thus overflow our buffer and overwrite the first
bit of the next byte in memory.

fb04e4c... by Poul-Henning Kamp <email address hidden> on 2016-03-23

Add a very crude hack to detect what the default sphinx theme is called.

57eaa1b... by Poul-Henning Kamp <email address hidden> on 2015-02-09

Only look for libedit package if it is not native to the system

(...or something. Needless to say, somebody with autocrap clue should
stare at this in disbelief.)

45807c4... by Poul-Henning Kamp <email address hidden> on 2015-09-21

Adopt libz/libvgz fix from FreeBSD:

  r287541 | dim | 2015-09-07 20:55:14 +0000 (Mon, 07 Sep 2015) | 7 lines

  In libz's inflateMark(), avoid left-shifting a negative integer, which
  is undefined.

  Reviewed by: delphij
  Differential Revision: https://reviews.freebsd.org/D3344
  MFC after: 3 days

3880333... by Poul-Henning Kamp <email address hidden> on 2016-03-09

Zero overflow VSM allocations.

Submitted by: Pål Hermunn Johansen