[ubuntu/focal-proposed] haproxy 2.0.33-0ubuntu0.1 (Accepted)

Fri Dec 8 15:05:28 UTC 2023

haproxy (2.0.33-0ubuntu0.1) focal; urgency=medium

  * New upstream release (LP: #2028418)
    - Major and critical bug fixes according to the upstream changelog:
      + BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value
        replacement
      + BUG/MAJOR: http: reject any empty content-length header value
    - For further information, refer to the upstream changelog at
      https://www.haproxy.org/download/2.0/src/CHANGELOG and to the upstream
      release announcements at
      https://www.mail-archive.com/haproxy@formilux.org/msg43668.html
      (2.0.32), and
      https://www.mail-archive.com/haproxy@formilux.org/msg43904.html (2.0.33)
    - Remove patches applied by upstream in debian/patches:
      + CVE-2023-40225-1.patch
      + CVE-2023-40225-2.patch

Date: Tue, 31 Oct 2023 16:00:44 -0300
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/haproxy/2.0.33-0ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Tue, 31 Oct 2023 16:00:44 -0300
Source: haproxy
Built-For-Profiles: noudeb
Architecture: source
Version: 2.0.33-0ubuntu0.1
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Launchpad-Bugs-Fixed: 2028418
Changes:
 haproxy (2.0.33-0ubuntu0.1) focal; urgency=medium
 .
   * New upstream release (LP: #2028418)
     - Major and critical bug fixes according to the upstream changelog:
       + BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value
         replacement
       + BUG/MAJOR: http: reject any empty content-length header value
     - For further information, refer to the upstream changelog at
       https://www.haproxy.org/download/2.0/src/CHANGELOG and to the upstream
       release announcements at
       https://www.mail-archive.com/haproxy@formilux.org/msg43668.html
       (2.0.32), and
       https://www.mail-archive.com/haproxy@formilux.org/msg43904.html (2.0.33)
     - Remove patches applied by upstream in debian/patches:
       + CVE-2023-40225-1.patch
       + CVE-2023-40225-2.patch
Checksums-Sha1:
 4f9c41dc14f4185c25b4b5cc1355a601879e39d9 2453 haproxy_2.0.33-0ubuntu0.1.dsc
 12cdd3ca6ff022954c1a4a44bccaddd868c36fed 2734144 haproxy_2.0.33.orig.tar.gz
 b62cfaddb66933c1cde232308c2c465d6ccf52d1 71320 haproxy_2.0.33-0ubuntu0.1.debian.tar.xz
 b729e21c9cf78ff63f04d0605dc2ffd0e90542a0 9074 haproxy_2.0.33-0ubuntu0.1_source.buildinfo
Checksums-Sha256:
 0f656002ec58414879e5acbf682cd7a6485fcff897660ca6fdcd3af50dd52e31 2453 haproxy_2.0.33-0ubuntu0.1.dsc
 32f80854d89ce8bbe95f58be0b933b97daa78fe0ec5d7d8315ba5e6bdc718ee7 2734144 haproxy_2.0.33.orig.tar.gz
 416905e239f9fa76ef24aa67382657a73e2ec05da160ec94d68c463b930ea3f1 71320 haproxy_2.0.33-0ubuntu0.1.debian.tar.xz
 af144ff809d5c62b8b0cb934530388576e1154ac7988f295d1356899843475d0 9074 haproxy_2.0.33-0ubuntu0.1_source.buildinfo
Files:
 1d4ae86404ab4f3b2628520c179d84e7 2453 net optional haproxy_2.0.33-0ubuntu0.1.dsc
 69dd4d4c53733b964e837166708afd79 2734144 net optional haproxy_2.0.33.orig.tar.gz
 d8a219eba82810cf94e47b351518802f 71320 net optional haproxy_2.0.33-0ubuntu0.1.debian.tar.xz
 d3510cbd77fcbabc2c93c16663ca7341 9074 net optional haproxy_2.0.33-0ubuntu0.1_source.buildinfo
Original-Maintainer: Debian HAProxy Maintainers <haproxy at tracker.debian.org>
Vcs-Git: https://git.launchpad.net/~athos-ribeiro/ubuntu/+source/haproxy
Vcs-Git-Commit: 43025670639764462f3d8e1de02bccfe3c3b685a
Vcs-Git-Ref: refs/heads/MRE-focal