Debian LTS: DLA-3034-1: haproxy security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nathan Davison discovered that HAProxy, a load balancing reverse proxy, did not correctly reject requests or responses featuring a transfer-encoding header missing the "chunked" value which could facilitate a HTTP request smuggling attack. Furthermore several flaws were discovered in DNS related functions that

Debian LTS: DLA-3023-1: puma security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Several security vulnerabilities have been discovered in puma, a web server for Ruby/Rack applications. These flaws may lead to information leakage due to not always closing response bodies, allowing untrusted input in a response header (HTTP Response Splitting) and thus potentially facilitating several other