• [SECURITY] [DSA 5388-1] haproxy security update

    From Salvatore Bonaccorso@21:1/5 to All on Thu Apr 13 22:20:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-5388-1                   security@debian.org
    https://www.debian.org/security/                     Salvatore Bonaccorso
    April 13, 2023                        https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : haproxy
    CVE ID : CVE-2023-0836

    It was reported that HAProxy, a fast and reliable load balancing reverse
    proxy, does not properly initialize connection buffers when encoding the
    FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this
    flaw to cause an information leak.

    For the stable distribution (bullseye), this problem has been fixed in
    version 2.2.9-2+deb11u5.

    We recommend that you upgrade your haproxy packages.

    For the detailed security status of haproxy please refer to its
    security tracker page at:
    https://security-tracker.debian.org/tracker/haproxy

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

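The bug class named in the advisory, as an added illustration that is not HAProxy's code and not part of the advisory: an encoder that writes only some fields of an FCGI_BEGIN_REQUEST record into a reused buffer, next to one that zeroes the record first. The record layout follows the FastCGI specification; the function names, the constructed stale data, and the assumption that the unwritten bytes are the body's reserved field are illustrative.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FCGI_BEGIN_REQUEST 1   /* record type, per the FastCGI specification */
#define FCGI_RECORD_LEN    16  /* 8-byte header + 8-byte begin-request body */

/* Hypothetical helper: writes the header and the body's role and flags only. */
static size_t put_fields(uint8_t *out, uint16_t req_id, uint16_t role, uint8_t flags)
{
    out[0] = 1; out[1] = FCGI_BEGIN_REQUEST;              /* version, type */
    out[2] = (uint8_t)(req_id >> 8); out[3] = (uint8_t)req_id;
    out[4] = 0; out[5] = 8;                               /* contentLength = 8 */
    out[6] = 0; out[7] = 0;                               /* paddingLength, reserved */
    out[8] = (uint8_t)(role >> 8); out[9] = (uint8_t)role;
    out[10] = flags;               /* out[11..15] is reserved[5]: not written */
    return FCGI_RECORD_LEN;        /* the length still covers those bytes */
}

/* Flawed pattern: reserved[5] keeps whatever the buffer held before. */
size_t encode_flawed(uint8_t *out, uint16_t req_id, uint16_t role, uint8_t flags)
{
    return put_fields(out, req_id, role, flags);
}

/* Hardened pattern: zero the whole record before filling any field. */
size_t encode_fixed(uint8_t *out, uint16_t req_id, uint16_t role, uint8_t flags)
{
    memset(out, 0, FCGI_RECORD_LEN);
    return put_fields(out, req_id, role, flags);
}

/* Encode into a reused buffer of constructed stale data ('S'); count stale bytes sent. */
size_t stale_bytes_sent(int use_fixed)
{
    uint8_t buf[FCGI_RECORD_LEN];
    size_t len, i, n = 0;
    memset(buf, 'S', sizeof buf);
    len = use_fixed ? encode_fixed(buf, 1, 1, 0) : encode_flawed(buf, 1, 1, 0); /* role 1 = responder */
    for (i = 0; i < len; i++)
        n += (buf[i] == 'S');
    return n;
}

int main(void)
{
    printf("flawed: %zu stale bytes, fixed: %zu\n", stale_bytes_sent(0), stale_bytes_sent(1));
    return 0;
}
```

In the flawed encoder the five reserved bytes of the body leave the process unchanged, which is how previous buffer contents can reach the FastCGI backend.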