Fedora 21: FEDORA-2015-11255 Critical Info Leak in HAProxy
fedora
July 29, 2015
Security fix for CVE-2015-3281
Summary
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
availability environments. Indeed, it can:
- route HTTP requests depending on statically assigned cookies
- spread load among several servers while assuring server persistence
through the use of HTTP cookies
- switch to backup servers in the event a main one fails
- accept connections to special ports dedicated to service monitoring
- stop accepting connections without breaking existing ones
- add, modify, and delete HTTP headers in both directions
- block requests matching particular patterns
- report detailed status to authenticated users from a URI
intercepted from the application
Update Information:
Security fix for CVE-2015-3281
Topics Covered
Change Log
* Mon Jul 6 2015 Ryan O'Hara
References
[ 1 ] Bug #1239072 - CVE-2015-3281 haproxy: information leak in buffer_slow_realign()
https://bugzilla.redhat.com/show_bug.cgi?id=1239072
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update haproxy' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: haproxy
Product: Fedora 21
Version: 1.5.14
Release: 1.fc21
Summary: HAProxy reverse proxy for high availability environments
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!