FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

trafficserver -- unspecified vulnerability

Affected packages
trafficserver < 5.0.1

Details

VuXML ID 6318b303-3507-11e4-b76c-0011d823eebd
Discovery 2014-07-23
Entry 2014-09-05

Bryan Call reports:

Below is our announcement for the security issue reported to us from Yahoo! Japan. All versions of Apache Traffic Server are vulnerable. We urge users to upgrade to either 4.2.1.1 or 5.0.1 immediately.

This fixes CVE-2014-3525 and limits access to how the health checks are performed.

References

CVE Name CVE-2014-3525
URL http://mail-archives.apache.org/mod_mbox/trafficserver-users/201407.mbox/%3CBFCEC9C8-1BE9-4DCA-AF9C-B8FE798EEC07@yahoo-inc.com%3E