Package "haproxy"
| Name: |
haproxy
|
Description: |
fast and reliable load balancing reverse proxy
|
| Latest version: |
1.4.18-0ubuntu1.2 |
| Release: |
precise (12.04) |
| Level: |
security |
| Repository: |
main |
| Homepage: |
http://haproxy.1wt.eu/ |
Links
Download "haproxy"
Other versions of "haproxy" in Precise
Changelog
|
haproxy (1.4.18-0ubuntu1.2) precise-security; urgency=low
* SECURITY UPDATE: denial of service in HTTP header parsing
- debian/patches/CVE-2013-2175.patch: properly calculate the header
field count in src/proto_http.c.
- CVE-2013-2175
-- Marc Deslauriers <email address hidden> Thu, 20 Jun 2013 14:03:46 -0400
|
| Source diff to previous version |
|
haproxy (1.4.18-0ubuntu1.1) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via non-default global.tune.bufsize.
- debian/patches/CVE-2012-2942.patch: check buffer sizes in
include/types/global.h, src/acl.c, src/cfgparse.c, src/checks.c,
src/dumpstats.c, src/haproxy.c, src/proto_http.c,
tests/0000-debug-stats.diff.
- CVE-2012-2942
* SECURITY UPDATE: denial of service via HTTP information in tcp-request
- debian/patches/CVE-2013-1912.patch: properly handle buffers in
src/proto_http.c.
- CVE-2013-1912
-- Marc Deslauriers <email address hidden> Fri, 05 Apr 2013 10:21:10 -0400
|
| CVE-2012-2942 |
Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater |
| CVE-2013-1912 |
Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection r |
|
About
-
Send Feedback to @ubuntu_updates
