SCIENTIFIC-LINUX-ERRATA Archives

July 2013

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: haproxy on SL6.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Tue, 30 Jul 2013 19:15:33 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (22 lines) 
Synopsis:          Moderate: haproxy security update
Advisory ID:       SLSA-2013:1120-1
Issue Date:        2013-07-30
CVE Numbers:       CVE-2013-2175
--

A flaw was found in the way HAProxy handled requests when the proxy's
configuration ("/etc/haproxy/haproxy.cfg") had certain rules that use the
hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy
instances that use the affected configuration. (CVE-2013-2175)
--

SL6
  x86_64
    haproxy-1.4.22-5.el6_4.x86_64.rpm
    haproxy-debuginfo-1.4.22-5.el6_4.x86_64.rpm
  i386
    haproxy-1.4.22-5.el6_4.i686.rpm
    haproxy-debuginfo-1.4.22-5.el6_4.i686.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2