ELSA-2023-1696 - haproxy security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2023-04-11 |
Description
[2.4.17-3.2]
- Reject empty http header field names (CVE-2023-25725, #2174174)
[2.4.17-3.1]
- Refuse interim responses with end-stream flag set (CVE-2023-0056, #2174172)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 9 (aarch64) | haproxy-2.4.17-3.el9_1.2.src.rpm | c9f37c24c82e9a4441e76000d0b456d5 | - |
| haproxy-2.4.17-3.el9_1.2.aarch64.rpm | 139a436a9e2261f387b8da9e414f19df | - |
|
| Oracle Linux 9 (x86_64) | haproxy-2.4.17-3.el9_1.2.src.rpm | c9f37c24c82e9a4441e76000d0b456d5 | - |
| haproxy-2.4.17-3.el9_1.2.x86_64.rpm | 2e0b12b4e2262acf75bea8b0c342626a | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
