Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Scientific Linux SL6.x: SLSA-2013:1120-1 Moderate HAProxy Crash

Scientific Large Esm H446
Moderate: haproxy security update
Date: Tue, 30 Jul 2013 19:15:33 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: haproxy on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: haproxy security update
Advisory ID: SLSA-2013:1120-1
Issue Date: 2013-07-30
CVE Numbers: CVE-2013-2175
--

A flaw was found in the way HAProxy handled requests when the proxy's
configuration ("/etc/haproxy/haproxy.cfg") had certain rules that use the
hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy
instances that use the affected configuration. (CVE-2013-2175)
--

SL6
 x86_64
 haproxy-1.4.22-5.el6_4.x86_64.rpm
 haproxy-debuginfo-1.4.22-5.el6_4.x86_64.rpm
 i386
 haproxy-1.4.22-5.el6_4.i686.rpm
 haproxy-debuginfo-1.4.22-5.el6_4.i686.rpm

- Scientific Linux Development Team