Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 596
Alerts This Week
Warning Icon 1 596

openSUSE Leap 16.0 haproxy Medium HTTP Manipulation 2026-20619-2

opensuse
Calendar Grey April 24, 2026
Dist Opensuse Esm H88
This update for openSUSE addresses moderate issues in haproxy, including request smuggling vulnerabilities.
An update that solves one vulnerability and has 2 bug fixes can now be installed.

Description

This update for haproxy fixes the following issues:

Security issue:

- CVE-2026-33555: Request smuggling via HTTP/3 parser desynchronization (bsc#1262103).

- bug in SLZ compression (bsc#1261626).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-632=1

Patch

Package List

- openSUSE Leap 16.0:

haproxy-3.2.15+git64.0fc44b458-160000.2.1

References

* bsc#1261626

* bsc#1262103

References:

* https://www.suse.com/security/cve/CVE-2026-33555.html

Announcement ID: openSUSE-SU-2026:20618-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.