Date: Thu, 02 Apr 2020 13:58:26 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 245282] net/haproxy: Security Update (all supported Versions) CVE-2020-11100 Message-ID: <bug-245282-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D245282 Bug ID: 245282 Summary: net/haproxy: Security Update (all supported Versions) CVE-2020-11100 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: security Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: demon@FreeBSD.org Reporter: pascal.christen@hostpoint.ch Flags: maintainer-feedback?(demon@FreeBSD.org) Assignee: demon@FreeBSD.org Created attachment 212980 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D212980&action= =3Dedit patch for all supported haproxy versions The main driver for this release is that it contains a fix for a serious vulnerability that was responsibly reported last week by Felix Wilhelm from Google Project Zero, affecting the HPACK decoder used for HTTP/2. CVE-2020-11100 was assigned to this issue. https://www.mail-archive.com/haproxy@formilux.org/msg36877.html The attached patch is for all supported haproxy-versions --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-245282-7788>