[ubuntu/hirsute-security] haproxy 2.2.9-1ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Aug 17 16:54:46 UTC 2021

haproxy (2.2.9-1ubuntu0.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Multiple issues in HTTP/2 implementation
    - d/p/2.2-0001*.patch: add a new function http_validate_scheme() to
      validate a scheme.
    - d/p/2.2-0002*.patch: verify early that non-http/https schemes match
      the valid syntax.
    - d/p/2.2-0003*.patch: verify that :path starts with a / before
      concatenating it.
    - d/p/2.2-0004*.patch: enforce checks on the method syntax before
      translating to HTX.
    - d/p/2.2-0005*.patch: give :authority precedence over Host.
    - No CVE number

Date: 2021-08-16 13:01:15.546898+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Hirsute-changes mailing list