LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Moderate: haproxy security update
Advisory ID:       SLSA-2013:1120-1
Issue Date:        2013-07-30
CVE Numbers:       CVE-2013-2175
--

A flaw was found in the way HAProxy handled requests when the proxy's
configuration ("/etc/haproxy/haproxy.cfg") had certain rules that use the
hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy
instances that use the affected configuration. (CVE-2013-2175)
--

SL6
  x86_64
    haproxy-1.4.22-5.el6_4.x86_64.rpm
    haproxy-debuginfo-1.4.22-5.el6_4.x86_64.rpm
  i386
    haproxy-1.4.22-5.el6_4.i686.rpm
    haproxy-debuginfo-1.4.22-5.el6_4.i686.rpm

- Scientific Linux Development Team