HCE2-SA-2024-0104 Important HCE 2.0 Security Fix(es): The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-44487) An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. (CVE-2022-45059) HCE 2.0 varnish-7.4.2-1.hce2.aarch64.rpm varnish-devel-7.4.2-1.hce2.aarch64.rpm varnish-help-7.4.2-1.hce2.noarch.rpm varnish-7.4.2-1.hce2.x86_64.rpm varnish-devel-7.4.2-1.hce2.x86_64.rpm