UbuntuUpdates.org

Package "haproxy"




Name: haproxy

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • fast and reliable load balancing reverse proxy (HTML documentation)
  • syntax highlighting for HAProxy configuration files
Latest version: *DELETED*
Release: jammy (22.04)
Level: proposed
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "haproxy" in Jammy

Repository Area Version
base main 2.4.14-1ubuntu1
base universe 2.4.14-1ubuntu1
security main 2.4.24-0ubuntu0.22.04.3
security universe 2.4.24-0ubuntu0.22.04.3
updates universe 2.4.29-0ubuntu0.22.04.1
updates main 2.4.29-0ubuntu0.22.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4.22-0ubuntu0.22.04.1 2023-04-14 22:06:51 UTC

  haproxy (2.4.22-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream release (LP: #2012557).
    - Major and critical bug fixes according to the upstream changelog:
      + BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
      + BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
      + BUG/MAJOR: stick-tables: do not try to index a server name for applets
      + BUG/MAJOR: stick-table: don't process store-response rules for applets
      + BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
      + BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
      + BUG/CRITICAL: http: properly reject empty http header field names
    - Remove patches applied by upstream in debian/patches:
      + CVE-2023-0056.patch
      + CVE-2023-25725.patch
      + CVE-2023-0836.patch
    - Refresh existing patches in debian/patches:
      + haproxy.service-start-after-syslog.patch
      + reproducible.patch
  * Backport DEP-8 tests from Lunar:
    - d/t/proxy-ssl-termination
    - d/t/proxy-ssl-pass-through

 -- Lucas Kanashiro <email address hidden> Wed, 22 Mar 2023 18:18:54 -0300
2012557 [MRE] haproxy
CVE-2023-0056 RESERVED
CVE-2023-25725 HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling."
CVE-2023-0836 An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7

Version: *DELETED* 2022-09-23 22:07:08 UTC
No changelog for deleted or moved packages.

Version: 2.4.18-0ubuntu1 2022-09-09 14:07:13 UTC

  haproxy (2.4.18-0ubuntu1) jammy; urgency=medium

  * New upstream release (LP: #1987914). Major bug fixes according to the
    upstream changelog:
    - mux-pt: Always destroy the backend connection on detach
    - mux_pt: always report the connection error to the conn_stream
    - connection: Never remove connection from idle lists outside the lock
    - dns: multi-thread concurrency issue on UDP socket

 -- Lucas Kanashiro <email address hidden> Thu, 25 Aug 2022 15:52:23 -0300
1987914 Microrelease update in all supported releases


About   -   Send Feedback to @ubuntu_updates