[ubuntu/jammy-security] haproxy 2.4.22-0ubuntu0.22.04.2 (Accepted)

Rodrigo Figueiredo Zaiden rodrigo.zaiden at canonical.com
Wed Aug 16 13:53:43 UTC 2023

haproxy (2.4.22-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: incorrect handling of empty content-length header
    - debian/patches/CVE-2023-40225-1.patch: add a proper check for empty
      content-length header buffer in src/h1.c and src/h2.c. Also add
      tests for it in reg-tests/http-messaging/h1_to_h1.vtc and
    - debian/patches/CVE-2023-40225-2.patch: add a check for leading zero
      in content-length header buffer in src/h1.c and src/h2.c. Also add
      tests in reg-tests/http-rules/h1or2_to_h1c.vtc.
    - CVE-2023-40225

haproxy (2.4.22-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream release (LP: #2012557).
    - Major and critical bug fixes according to the upstream changelog:
      + BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
      + BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
      + BUG/MAJOR: stick-tables: do not try to index a server name for applets
      + BUG/MAJOR: stick-table: don't process store-response rules for applets
      + BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
      + BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
      + BUG/CRITICAL: http: properly reject empty http header field names
    - Remove patches applied by upstream in debian/patches:
      + CVE-2023-0056.patch
      + CVE-2023-25725.patch
      + CVE-2023-0836.patch
    - Refresh existing patches in debian/patches:
      + haproxy.service-start-after-syslog.patch
      + reproducible.patch
  * Backport DEP-8 tests from Lunar:
    - d/t/proxy-ssl-termination
    - d/t/proxy-ssl-pass-through

Date: 2023-08-15 19:06:09.257716+00:00
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list