[Buildroot] [PATCH 1/1] package/haproxy: security bump to version 2.4.15
Peter Korsgaard
peter at korsgaard.com
Sun Apr 10 21:48:33 UTC 2022
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Fix CVE-2022-0711: A flaw was found in the way HAProxy processed HTTP
> responses containing the "Set-Cookie2" header. This flaw could allow an
> attacker to send crafted HTTP response packets which lead to an infinite
> loop, eventually resulting in a denial of service condition. The highest
> threat from this vulnerability is availability.
> https://www.mail-archive.com/haproxy@formilux.org/msg41963.html
> https://www.mail-archive.com/haproxy@formilux.org/msg41873.html
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2022.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list