Package "haproxy"

Name: haproxy


fast and reliable load balancing reverse proxy

Latest version: 1.4.18-0ubuntu1.2
Release: precise (12.04)
Level: updates
Repository: main
Homepage: http://haproxy.1wt.eu/


Download "haproxy"

Other versions of "haproxy" in Precise

Repository Area Version
base main 1.4.18-0ubuntu1
security main 1.4.18-0ubuntu1.2


Version: 1.4.18-0ubuntu1.2 2013-06-20 23:06:38 UTC

  haproxy (1.4.18-0ubuntu1.2) precise-security; urgency=low

  * SECURITY UPDATE: denial of service in HTTP header parsing
    - debian/patches/CVE-2013-2175.patch: properly calculate the header
      field count in src/proto_http.c.
    - CVE-2013-2175
 -- Marc Deslauriers <email address hidden> Thu, 20 Jun 2013 14:03:46 -0400

Source diff to previous version

Version: 1.4.18-0ubuntu1.1 2013-04-15 20:09:17 UTC

  haproxy (1.4.18-0ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via non-default global.tune.bufsize.
    - debian/patches/CVE-2012-2942.patch: check buffer sizes in
      include/types/global.h, src/acl.c, src/cfgparse.c, src/checks.c,
      src/dumpstats.c, src/haproxy.c, src/proto_http.c,
    - CVE-2012-2942
  * SECURITY UPDATE: denial of service via HTTP information in tcp-request
    - debian/patches/CVE-2013-1912.patch: properly handle buffers in
    - CVE-2013-1912
 -- Marc Deslauriers <email address hidden> Fri, 05 Apr 2013 10:21:10 -0400

CVE-2012-2942 Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater
CVE-2013-1912 Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection r

About   -   Send Feedback to @ubuntu_updates