UbuntuUpdates.org

Package "haproxy"

Name: haproxy

Description:

fast and reliable load balancing reverse proxy
Latest version: 2.0.5-1ubuntu0.4
Release: eoan (19.10)
Level: updates
Repository: main
Homepage: http://www.haproxy.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "haproxy"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "haproxy" in Eoan

Repository Area Version
base universe 2.0.5-1
base main 2.0.5-1
security universe 2.0.5-1ubuntu0.4
security main 2.0.5-1ubuntu0.4
updates universe 2.0.5-1ubuntu0.4

Changelog

Version: 2.0.5-1ubuntu0.4 2020-04-07 14:07:18 UTC

  haproxy (2.0.5-1ubuntu0.4) eoan-security; urgency=medium

  * SECURITY UPDATE: Arbitrary memory write
    - debian/patches/CVE-2020-11100.patch: make sure the headroom is
      considered only when the buffer does not wrap in src/hpack-tbl.c.
    - CVE-2020-11100

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 03 Apr 2020 16:36:11 -0300
Source diff to previous version
CVE-2020-11100 In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a

Version: 2.0.5-1ubuntu0.3 2019-12-05 01:07:32 UTC

  haproxy (2.0.5-1ubuntu0.3) eoan-security; urgency=medium

  * SECURITY UPDATE: Intermediary Encapsulation attacks
    - debian/patches/CVE-2019-19330-*.patch: reject header values containing
      invalid chars and make header field name filtering stronger in
      src/h2.c, include/common/ist.h.
    - CVE-2019-19330

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 02 Dec 2019 16:12:00 -0300
Source diff to previous version
CVE-2019-19330 The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa),

Version: 2.0.5-1ubuntu0.2 2019-11-05 15:07:09 UTC

  haproxy (2.0.5-1ubuntu0.2) eoan-security; urgency=medium

  * SECURITY UPDATE: Messages with transfer-encoding header missing "chunked"
    value were not being correctly rejected
    - debian/patches/CVE-2019-18277.patch: also reject messages where
      "chunked" is missing from transfer-enoding in.
      src/proto_http.c.
    - CVE-2019-18277

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 04 Nov 2019 11:07:29 -0300
Source diff to previous version
CVE-2019-18277 A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being co

Version: 2.0.5-1ubuntu0.1 2019-11-04 14:06:45 UTC

  haproxy (2.0.5-1ubuntu0.1) eoan; urgency=medium

  * Fix configurability of dh_params that regressed since building
    against openssl 1.1.1 (LP: #1841936)
    - d/p/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch
    - d/p/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch

 -- Christian Ehrhardt <email address hidden> Wed, 23 Oct 2019 12:58:09 +0200
1841936 Rebuild haproxy with openssl 1.1.1 will change features (bionic)


About   -   Send Feedback to @ubuntu_updates