Errata overview
Errata ID 411
Date 2018-05-08
Source package varnish
Fixed in version 4.0.2-1+deb8u1
This update addresses the following issue:
* Correctly handle bogusly large chunk sizes. This fixes a denial of service
  attack vector where bogusly large chunk sizes in requests could be used to
  force restarts of the Varnish server. (CVE-2017-12425)
Additional notes
CVE ID CVE-2017-12425
UCS Bug number #45157