| |||||||||||||||||||
Debian alert DSA-2711-1 (haproxy)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2711-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff June 19, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : haproxy Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2012-2942 CVE-2013-1912 CVE-2013-2175 Multiple security issues have been found in HAProxy, a load-balancing reverse proxy: CVE-2012-2942 Buffer overflow in the header capture code. CVE-2013-1912 Buffer overflow in the HTTP keepalive code. CVE-2013-2175 Denial of service in parsing HTTP headers. For the oldstable distribution (squeeze), these problems have been fixed in version 1.4.8-1+squeeze1. The stable distribution (wheezy) doesn't contain haproxy. For the unstable distribution (sid), these problems have been fixed in version 1.4.24-1. We recommend that you upgrade your haproxy packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlHB5iUACgkQXm3vHE4uyloejQCcDLeGSbq/TcynokkvYSZf7tgW ykUAn2IzWLERPgLLKGWdtiazkMZ1hAJh =fAae -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20130619171158.GA6839@pisco.westf... (Log in to post comments)
|
|||||||||||||||||||