varnish-cache:7.2

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

399fa7e... by Martin Blix Grydeland <email address hidden> on 2022-10-10

Prepare for 7.2.1

5beb00d... by Martin Blix Grydeland <email address hidden> on 2022-10-11

Add #3856 to the changelog

9d31f5b... by Nils Goroll <email address hidden> on 2022-10-10

Fix missed adjustments to vsl buffer space checks

Refs 8df30240174b190db2601f4d64c28ee313eae486

Fixes #3856

4be07a8... by Nils Goroll <email address hidden> on 2022-10-10

Add debug.vsl_flush()

4af9ca0... by Martin Blix Grydeland <email address hidden> on 2022-10-10

Add VSV00011 to the changelog

0b760b9... by Martin Blix Grydeland <email address hidden> on 2022-10-10

Add VSV00010 to the changelog

1e98499... by Asad Sajjad Ahmed <email address hidden> on 2022-10-03

h2: add vtc for VSV00011

Check for correct handling of missing pseudo-headers, and invalid
characters.

Signed-off-by: Asad Sajjad Ahmed <email address hidden>

207698a... by Asad Sajjad Ahmed <email address hidden> on 2022-09-30

hpack: fix pseudo-headers handling

We should apply the same restrictions on the list of allowed characters inside
H/2 pseudo-headers as we do for H/1. This error is translated into the
headers we send to a backend over H/1.

Failure to do so could permit various exploits against a backend not handling
malformed H/1 requests.

Signed-off-by: Asad Sajjad Ahmed <email address hidden>

82e6e70... by Martin Blix Grydeland <email address hidden> on 2022-09-29

Add all well-known headers to the perfect hash lookup table

This expands the perfect hash lookup table to be able to match any entry
in the list of well-known headers from tbl/http_headers.h.

Previously only the headers that had a non-zero filter flag section was
kept in the fast match table.

Fixes: VSV00010

82c0a82... by Martin Blix Grydeland <email address hidden> on 2022-09-30

Limit cifuzz.yml to the `varnishcache` github org

Limit the fuzzer runs to PRs on `varnishcache`'s repositories. The build
scripts won't work correctly from anywhere else anyways.