From 669e7343beae3a981aeb34236c1450a83b75bb01af8ad4052b9f9a3fd981fe8a Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Wed, 9 Nov 2022 17:25:08 +0000
Subject: [PATCH] - Update to release 7.2.1

OBS-URL: https://build.opensuse.org/package/show/server:http/varnish?expand=0&rev=121
---
 varnish-7.2.0.tgz |  3 ---
 varnish-7.2.1.tgz |  3 +++
 varnish.changes   | 12 ++++++++++++
 varnish.spec      |  2 +-
 4 files changed, 16 insertions(+), 4 deletions(-)
 delete mode 100644 varnish-7.2.0.tgz
 create mode 100644 varnish-7.2.1.tgz

diff --git a/varnish-7.2.0.tgz b/varnish-7.2.0.tgz
deleted file mode 100644
index f358f50..0000000
--- a/varnish-7.2.0.tgz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1da8a97ed5f7b7d4d5e04fc5c96fc9a85cb3a20d076eba2b18951f4b306c9686
-size 4018697
diff --git a/varnish-7.2.1.tgz b/varnish-7.2.1.tgz
new file mode 100644
index 0000000..69d560d
--- /dev/null
+++ b/varnish-7.2.1.tgz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4d937d1720a8ec19c533f972d9303a1c9889b7bfca7437893ae5c27cf204a940
+size 4019119
diff --git a/varnish.changes b/varnish.changes
index 9546b08..ceba694 100644
--- a/varnish.changes
+++ b/varnish.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Wed Nov  9 17:16:51 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 7.2.1
+  * Attempts to mark well-known headers like Content-Length and
+    Host hop-by-hop through a Connection-header will now cause a
+    400 "Bad request" response.
+    (VSV00010, CVE-2022-45059, boo#1205243)
+  * Apply the same character set rules to HTTP/2 pseudo-headers
+    as is done on the corresponding HTTP/1 request-line field
+    parsing. (VSV00011, CVE-2022-45060, boo#1205242)
+
 -------------------------------------------------------------------
 Sat Oct 29 13:43:46 UTC 2022 - Dirk Müller <dmueller@suse.com>
 
diff --git a/varnish.spec b/varnish.spec
index 1dbf92f..1b1a270 100644
--- a/varnish.spec
+++ b/varnish.spec
@@ -25,7 +25,7 @@
 %define _fillupdir %_localstatedir/adm/fillup-templates
 %endif
 Name:           varnish
-Version:        7.2.0
+Version:        7.2.1
 Release:        0
 Summary:        Accelerator for HTTP services
 License:        BSD-2-Clause