Download
| Alert*
oval:org.secpod.oval:def:61509
haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 header. oval:org.secpod.oval:def:504956 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. The following packages have been upgraded to a later upstream version: rh-haproxy18-haproxy . Security Fix: * haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfusc ... oval:org.secpod.oval:def:66792 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. The following packages have been upgraded to a later upstream version: haproxy . Security Fix: * haproxy: HTTP request smuggling issue with transfer-encoding header containing an obf ... oval:org.secpod.oval:def:1801678 The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return , line feed , and the zero character , aka Intermediary Encapsulation Attacks.changed the descriptionchanged the descriptionmade the issue visible to everyone oval:org.secpod.oval:def:604626 Tim D#xFC;sterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. oval:org.secpod.oval:def:69792 Tim Düsterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. oval:org.secpod.oval:def:705306 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 header. oval:org.secpod.oval:def:69507 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. The following packages have been upgraded to a later upstream version: haproxy . Security Fix: * haproxy: HTTP request smuggling issue with transfer-encoding header containing an obf ... oval:org.secpod.oval:def:1504219 [1.8.23-3] - Fix hapack zero byte input causing overwrite [1.8.23-2] - Consider exist status 143 as success [1.8.23-1] - Update to 1.8.23 |