Varnish 3.0.4 released
Tollef Fog Heen
tfheen at varnish-software.com
Mon Jun 17 14:58:19 CEST 2013
It is my pleasure to announce the fourth maintenance release in the 3.0
series of Varnish Cache. It includes a fix for a security related bug
and everybody is recommended to upgrade as soon as possible.
Some of the most important changes include:
* The ACL code had a bug which could lead to false negatives. This has
been assigned CVE-2013-4090.
* Varnish will now return an error if the client sends multiple Host
headers.
* If the backend sent invalid gzip while using ESI, Varnish would in some
cases assert. It now works correctly.
* TCP_NODELAY is now enabled, which should lead to performance
improvements in some cases.
A fuller list of changes is available in the changes document, available
at http://varnish-cache.org/trac/browser/doc/changes.rst
Installation instructions and sources are available from
https://www.varnish-cache.org/releases/varnish-cache-3.0.4
--
Tollef Fog Heen, on behalf of the Varnish team
More information about the varnish-announce
mailing list