UbuntuUpdates.org

Package "haproxy"

Name: haproxy

Description:

fast and reliable load balancing reverse proxy

Latest version: 1.8.8-1ubuntu0.13
Release: bionic (18.04)
Level: updates
Repository: main
Homepage: http://www.haproxy.org/

Links


Download "haproxy"


Other versions of "haproxy" in Bionic

Repository Area Version
base main 1.8.8-1
base universe 1.8.8-1
security main 1.8.8-1ubuntu0.13
security universe 1.8.8-1ubuntu0.13
updates universe 1.8.8-1ubuntu0.13

Changelog

Version: 1.8.8-1ubuntu0.7 2019-11-05 15:07:01 UTC

  haproxy (1.8.8-1ubuntu0.7) bionic-security; urgency=medium

  * SECURITY UPDATE: Messages with transfer-encoding header missing "chunked"
    value were not being correctly rejected
    - debian/patches/CVE-2019-18277.patch: also reject messages where
      "chunked" is missing from transfer-enoding in.
      src/proto_http.c.
    - CVE-2019-18277

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 04 Nov 2019 11:03:13 -0300

Source diff to previous version
CVE-2019-18277 A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being co

Version: 1.8.8-1ubuntu0.6 2019-11-04 15:06:21 UTC

  haproxy (1.8.8-1ubuntu0.6) bionic; urgency=medium

  * Fix issues around dh_params when building against openssl 1.1.1
    to avoid regressing the minimal key size (LP: 1841936)
    - d/p/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch
    - d/p/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch

Source diff to previous version

Version: 1.8.8-1ubuntu0.4 2019-02-07 13:07:33 UTC

  haproxy (1.8.8-1ubuntu0.4) bionic; urgency=medium

  * d/p/stksess-align.patch: Make sure stksess is properly aligned.
    (LP: #1804069)
  * d/t/control, d/t/proxy-localhost: simple DEP8 test to actually
    generate traffic through haproxy.

 -- Andreas Hasenack <email address hidden> Thu, 24 Jan 2019 10:20:49 -0200

Source diff to previous version
1804069 haproxy fails on arm64 due to alignment error

Version: 1.8.8-1ubuntu0.3 2019-01-15 13:06:39 UTC

  haproxy (1.8.8-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-20102.patch: check the bounds
      in src/dns.c.
    - CVE-2018-20102
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-20103.patch: fix in
      src/dns.c.
    - CVE-2018-20103
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-20615.patch: fix in
      src/mux_h2.c.
    - CVE-2018-20615

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 11 Jan 2019 11:06:19 -0300

Source diff to previous version
CVE-2018-20102 An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS resp
CVE-2018-20103 An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by m

Version: 1.8.8-1ubuntu0.2 2018-10-02 20:06:45 UTC

  haproxy (1.8.8-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14645.patch: fix in include/common/hpack-tbl.h,
      src/hpack-dec.c, src/hpack-tbl.c.
    - CVE-2018-14645

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 02 Oct 2018 08:32:44 -0300

CVE-2018-14645 A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resu



About   -   Send Feedback to @ubuntu_updates