UbuntuUpdates.org

Package "vim-haproxy"

Name: vim-haproxy

Description:

syntax highlighting for HAProxy configuration files
Latest version: 1.6.3-1ubuntu0.3
Release: xenial (16.04)
Level: security
Repository: universe
Head package: haproxy
Homepage: http://haproxy.1wt.eu/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "vim-haproxy"

All arch deb package
APT INSTALL

Other versions of "vim-haproxy" in Xenial

Repository Area Version
base universe 1.6.3-1
updates universe 1.6.3-1ubuntu0.3

Changelog

Version: 1.6.3-1ubuntu0.3 2019-11-05 14:06:20 UTC

  haproxy (1.6.3-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Messages with transfer-encoding header missing "chunked"
    value were not being correctly rejected
    - debian/patches/CVE-2019-18277.patch: also reject messages where
      "chunked" is missing from transfer-enoding in.
      src/proto_http.c.
    - CVE-2019-18277

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 25 Oct 2019 13:12:29 -0300
Source diff to previous version
CVE-2019-18277 A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being co

Version: 1.6.3-1ubuntu0.2 2019-01-15 13:06:36 UTC

  haproxy (1.6.3-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-20102.patch: check the bounds
      in src/dns.c.
    - CVE-2018-20102

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 11 Jan 2019 10:34:44 -0300
Source diff to previous version
CVE-2018-20102 An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS resp

Version: 1.6.3-1ubuntu0.1 2016-06-20 18:06:58 UTC

  haproxy (1.6.3-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service via reqdeny
    - debian/patches/CVE-2016-5360.patch: use temporary variable to store
      status in include/types/proto_http.h, src/proto_http.c.
    - CVE-2016-5360

 -- Marc Deslauriers <email address hidden> Tue, 14 Jun 2016 09:35:08 +0300
CVE-2016-5360 remote denial of service via reqdeny


About   -   Send Feedback to @ubuntu_updates