Versions Compared

Old Version 8

changes.mady.by.user Alan M. Carroll

Saved on

compared with

New Version 9

changes.mady.by.user Alan M. Carroll

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: 5.1.1 release update

...

  • xptr was removed and replaced with ats_scoped_str, ats_scoped_obj and ats_scoped_ptr for temporarily or contingently allocated resources.
  • The Doc header was changed to store per object version information.
  • traffic_manager was moved to the cmd directory.
  • libutils was merged in to libmgmt.
  • WebMgmtUtils moved to libmgmt.

5.1.1 Security Update

Due to security issues in 5.1.0, a possibly incompatible change was made to 5.1.1.

CVE-2014-3566 details a security vulnerability in SSL v3. Traffic Server was updated to disable SSL v3 in the default configuration. Explicit administrator action is required to enable user agents to use SSL v3 to connect to Traffic Server. SSL v3 is a very old protocol and should not be used and Traffic Server recommends leaving SSL v3 disabled.

CVW-2014-3624 details a potential Traffic Server vulnerability due to a change in how remap works This error has been fixed (TS-2677) in version 5.1.1 and requires no action on the part of the administrator beyond installing 5.1.1.