projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8a99ce4) | patch
package/haproxy: security bump to version 2.1.4
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Wed, 8 Apr 2020 21:00:06 +0000 (23:00 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 9 Apr 2020 06:33:10 +0000 (08:33 +0200)
commit5ec43086bc7d0ffb0018b1b522c07f9c2bf51831
treebe1884da1de55691f63303aae98a428e56942639tree
parent8a99ce44b43a3cfe0ff5b0c6b1c3fce08857297bcommit | diff
package/haproxy: security bump to version 2.1.4

- Fix CVE-2020-11100: In hpack_dht_insert in hpack-tbl.c in the HPACK
  decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can
  write arbitrary bytes around a certain location on the heap via a
  crafted HTTP/2 request, possibly causing remote code execution.
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/haproxy/haproxy.hash diff | blob | history
package/haproxy/haproxy.mk diff | blob | history