Fedora 33: haproxy 2021-cd5ee418f6 | LinuxSecurity.com

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 251

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-cd5ee418f6
2021-09-17 15:19:50.176186
--------------------------------------------------------------------------------

Name        : haproxy
Product     : Fedora 33
Version     : 2.2.17
Release     : 1.fc33
URL         : https://www.haproxy.org/
Summary     : HAProxy reverse proxy for high availability environments
Description :
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
availability environments. Indeed, it can:
 - route HTTP requests depending on statically assigned cookies
 - spread load among several servers while assuring server persistence
   through the use of HTTP cookies
 - switch to backup servers in the event a main one fails
 - accept connections to special ports dedicated to service monitoring
 - stop accepting connections without breaking existing ones
 - add, modify, and delete HTTP headers in both directions
 - block requests matching particular patterns
 - report detailed status to authenticated users from a URI
   intercepted from the application

--------------------------------------------------------------------------------
Update Information:

Update to 2.2.17
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep  9 2021 Ryan O'Hara  - 2.2.17-1
- Update to 2.2.17
- Fix request smuggling attack or response splitting (CVE-2021-40346, #2002411)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2002411 - CVE-2021-40346 haproxy: request smuggling attack or response splitting via duplicate content-length header [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2002411
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-cd5ee418f6' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 33: haproxy 2021-cd5ee418f6

September 17, 2021

Summary

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high

availability environments. Indeed, it can:

- route HTTP requests depending on statically assigned cookies

- spread load among several servers while assuring server persistence

through the use of HTTP cookies

- switch to backup servers in the event a main one fails

- accept connections to special ports dedicated to service monitoring

- stop accepting connections without breaking existing ones

- add, modify, and delete HTTP headers in both directions

- block requests matching particular patterns

- report detailed status to authenticated users from a URI

intercepted from the application

Update Information:

Update to 2.2.17

Change Log

* Thu Sep 9 2021 Ryan O'Hara - 2.2.17-1 - Update to 2.2.17 - Fix request smuggling attack or response splitting (CVE-2021-40346, #2002411)

References

[ 1 ] Bug #2002411 - CVE-2021-40346 haproxy: request smuggling attack or response splitting via duplicate content-length header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2002411

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-cd5ee418f6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : haproxy
Product : Fedora 33
Version : 2.2.17
Release : 1.fc33
URL : https://www.haproxy.org/
Summary : HAProxy reverse proxy for high availability environments

News

Advisories

HOWTOs

Features

Open-Source VPN Protocols Compared: Why WireGuard is on the Rise!
Open Source OSINT Tools and Techniques
The Story Behind the Linux Security Quick Reference Guide
Benefits & Drawbacks of Using a VPN on Linux
How a WAF Could Improve the Security of Your Linux Web Applications

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy