UbuntuUpdates.org

Package "haproxy-doc"

Name: haproxy-doc

Description:

fast and reliable load balancing reverse proxy (HTML documentation)

Latest version: 2.0.33-0ubuntu0.1
Release: focal (20.04)
Level: updates
Repository: universe
Head package: haproxy
Homepage: http://www.haproxy.org/

Links


Download "haproxy-doc"


Other versions of "haproxy-doc" in Focal

Repository Area Version
base universe 2.0.13-2
security universe 2.0.31-0ubuntu0.3

Changelog

Version: 2.0.29-0ubuntu1.1 2023-01-23 17:08:47 UTC

  haproxy (2.0.29-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via certain interim responses
    - debian/patches/CVE-2023-0056.patch: refuse interim responses with
      end-stream flag set in src/mux_h2.c.
    - CVE-2023-0056

 -- Marc Deslauriers <email address hidden> Thu, 19 Jan 2023 10:50:52 -0500

Source diff to previous version
CVE-2023-0056 RESERVED

Version: 2.0.29-0ubuntu1 2022-09-22 11:07:25 UTC

  haproxy (2.0.29-0ubuntu1) focal; urgency=medium

  * New upstream release (LP: #1987914).
    - Major and critical bug fixes according to the upstream changelog:
      + http-ana: Always abort the request when a tarpit is triggered
      + list: fix invalid element address calculation
      + proxy_protocol: Properly validate TLV lengths
      + hpack: never index a header into the headroom after wrapping
      + stream-int: always detach a faulty endpoint on connect failure
      + stream: Mark the server address as unset on new outgoing connection
      + dns: Make the do-resolve action thread-safe
      + contrib/spoa-server: Fix unhandled python call leading to memory leak
      + mux-h2: Don't try to send data if we know it is no longer possible
      + spoe: Be sure to remove all references on a released spoe applet
      + filters: Always keep all offsets up to date during data filtering
      + peers: fix partial message decoding
      + spoa/python: Fixing return None
      + dns: fix null pointer dereference in snr_update_srv_status
      + dns: disabled servers through SRV records never recover
      + mux-h2: Properly detect too large frames when decoding headers
      + server: prevent deadlock when using 'set maxconn server'
      + htx: Fix htx_defrag() when an HTX block is expanded
      + queue: set SF_ASSIGNED when setting strm->target on dequeue
      + server: fix deadlock when changing maxconn via agent-check
      + h2: enforce stricter syntax checks on the :method pseudo-header
      + htx: fix missing header name length check in htx_add_header/trailer
      + lua: use task_wakeup() to properly run a task once
      + http/htx: prevent unbounded loop in http_manage_server_side_cookies
      + spoe: properly detach all agents when releasing the applet
      + mux-h2: Be sure to always report HTX parsing error to the app layer
      + sched: prevent rare concurrent wakeup of multi-threaded tasks
      + mux-pt: Always destroy the backend connection on detach
      + dns: multi-thread concurrency issue on UDP socket
      + mux_pt: always report the connection error to the conn_stream
    - Refresh haproxy.service-*.patch.
    - Remove patches applied by upstream in debian/patches:
      + 0001-2.0-2.3-BUG-MAJOR-htx-fix-missing-header-name-length-check-i.patch
      + 0001-BUG-CRITICAL-hpack-never-index-a-header-into-the-hea.patch
      + 2.0-0001-BUG-MAJOR-h2-enforce-checks-on-the-method-syntax-bef.patch
      + CVE-2022-0711.patch
      + lp1894879-BUG-MEDIUM-dns-*.patch

 -- Lucas Kanashiro <email address hidden> Fri, 26 Aug 2022 17:07:24 -0300

Source diff to previous version
1987914 Microrelease update in all supported releases
CVE-2022-0711 A flaw was found in the way HAProxy processed HTTP responses containin ...

Version: 2.0.13-2ubuntu0.5 2022-03-03 16:06:31 UTC

  haproxy (2.0.13-2ubuntu0.5) focal-security; urgency=medium

  * SECURITY UPDATE: infinite loop via Set-Cookie2 header
    - debian/patches/CVE-2022-0711.patch: prevent unbounded loop in
      src/http_ana.c.
    - CVE-2022-0711
  * debian/rules: link against libatomic on riscv64.

 -- Marc Deslauriers <email address hidden> Wed, 02 Mar 2022 07:56:19 -0500

Source diff to previous version
CVE-2022-0711 A flaw was found in the way HAProxy processed HTTP responses containin ...

Version: 2.0.13-2ubuntu0.3 2021-09-08 13:06:57 UTC

  haproxy (2.0.13-2ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: duplicate content-length header check bypass in HTX
    - d/p/0001-2.0-2.3-BUG-MAJOR*.patch: fix missing header name length
      check in htx_add_header/trailer in src/htx.c.
    - CVE number pending

 -- Marc Deslauriers <email address hidden> Fri, 27 Aug 2021 07:48:39 -0400

Source diff to previous version

Version: 2.0.13-2ubuntu0.2 2021-08-17 18:06:23 UTC

  haproxy (2.0.13-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Security issue in HTTP/2 implementation
    - d/p/2.0-0001*.patch: enforce checks on the method syntax before
      translating to HTX.
    - No CVE number

 -- Marc Deslauriers <email address hidden> Mon, 16 Aug 2021 07:42:00 -0400




About   -   Send Feedback to @ubuntu_updates