Varnish 3.0.4 released
Tollef Fog Heen
tfheen at varnish-software.com
Mon Jun 17 14:58:19 CEST 2013
It is my pleasure to announce the fourth maintenance release in the 3.0
series of Varnish Cache. It includes a fix for a security related bug
and everybody is recommended to upgrade as soon as possible.
Some of the most important changes include:
* The ACL code had a bug which could lead to false negatives. This has
been assigned CVE-2013-4090.
* Varnish will now return an error if the client sends multiple Host
* If the backend sent invalid gzip while using ESI, Varnish would in some
cases assert. It now works correctly.
* TCP_NODELAY is now enabled, which should lead to performance
improvements in some cases.
A fuller list of changes is available in the changes document, available
Installation instructions and sources are available from
Tollef Fog Heen, on behalf of the Varnish team
More information about the varnish-announce