
tfheen at varnish-software
Jun 17, 2013, 5:58 AM
Post #1 of 1
(100 views)
Permalink
|
It is my pleasure to announce the fourth maintenance release in the 3.0 series of Varnish Cache. It includes a fix for a security related bug and everybody is recommended to upgrade as soon as possible. Some of the most important changes include: * The ACL code had a bug which could lead to false negatives. This has been assigned CVE-2013-4090. * Varnish will now return an error if the client sends multiple Host headers. * If the backend sent invalid gzip while using ESI, Varnish would in some cases assert. It now works correctly. * TCP_NODELAY is now enabled, which should lead to performance improvements in some cases. A fuller list of changes is available in the changes document, available at http://varnish-cache.org/trac/browser/doc/changes.rst Installation instructions and sources are available from https://www.varnish-cache.org/releases/varnish-cache-3.0.4 -- Tollef Fog Heen, on behalf of the Varnish team _______________________________________________ varnish-announce mailing list varnish-announce [at] varnish-cache https://www.varnish-cache.org/lists/mailman/listinfo/varnish-announce
|