Affected 5.x versions of VSV00004 Workspace information leak
Erik Wasser
ewasser at maxcluster.de
Wed Oct 23 09:37:18 UTC 2019
Hello list,
sometimes I'm confused about the supported versions of Varnish. This
resulted in the post "LTS time frame for Varnish 6.0.X?" on
https://varnish-cache.org/lists/pipermail/varnish-dist/2019-September/000173.html.
But now I'm confused about the "VSV00004 Workspace information leak"
(https://varnish-cache.org/security/VSV00004.html) and the affected
versions.
"VSV00004 Workspace information leak" writes:
> Versions affected
>
> 5.0 and forward
So the version 5.0, 5.1 and 5.2 are affected by VSV00004, is that
correct? The page http://varnish-cache.org/releases/index.html states
that only versions 6.X are supported. So all varnish 5.X should update
to 6.X?! Is that conclusion correct?
--
Greetings
Erik Wasser
More information about the varnish-misc
mailing list