Security issues with libcurl - the curl vmod NOT affected

However, it is not affected as the curl vmod doesn't have followlocation turned on. The only way it could be affected would be if the URL you're fetching is user supplied. I've never heard of anyone doing such a thing. If you are doing such a crazy thing you should update libcurl and recompile the vmod. Varnish itself is not at all affected.

All things Varnish related

The Varnish blog is where the our team writes about all things related to Varnish Cache and Varnish Software...or simply vents.