HAProxy could allow unintended access to network services.
Software Description:
- haproxy: fast and reliable load balancing reverse proxy
Details:
USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the
corresponding updates for Ubuntu 20.04 LTS.
Original advisory details:
Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length
headers. A remote attacker could possibly use this issue to manipulate the
payload and bypass certain restrictions.
The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: haproxy 2.0.31-0ubuntu0.2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6294-2
https://ubuntu.com/security/notices/USN-6294-1
CVE-2023-40225
Get the latest Linux and open source security news straight to your inbox.