[ubuntu/xenial-security] haproxy 1.6.3-1ubuntu0.3 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Tue Nov 5 12:52:50 UTC 2019


haproxy (1.6.3-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Messages with transfer-encoding header missing "chunked"
    value were not being correctly rejected
    - debian/patches/CVE-2019-18277.patch: also reject messages where
      "chunked" is missing from transfer-enoding in.
      src/proto_http.c.
    - CVE-2019-18277

Date: 2019-10-28 12:44:14.698098+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/haproxy/1.6.3-1ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list