ELSA-2023-1696 - haproxy security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2023-04-11 |
Description
[2.4.17-3.2]
- Reject empty http header field names (CVE-2023-25725, #2174174)
[2.4.17-3.1]
- Refuse interim responses with end-stream flag set (CVE-2023-0056, #2174172)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | haproxy-2.4.17-3.el9_1.2.src.rpm | d6eee597e76767b7e05cb45d4e307bb9c0fc17f5dc1a5cdeeb08c47331de02fb | - | ol9_aarch64_appstream |
| haproxy-2.4.17-3.el9_1.2.aarch64.rpm | 6f39eea5295f25c256795b63ba01716ca14d9cf0cf51f1d5ecd09d7d0fcdaf0b | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | haproxy-2.4.17-3.el9_1.2.src.rpm | d6eee597e76767b7e05cb45d4e307bb9c0fc17f5dc1a5cdeeb08c47331de02fb | - | ol9_x86_64_appstream |
| haproxy-2.4.17-3.el9_1.2.x86_64.rpm | 30e08567a93d6a71957d45c7d6d80ec525291f3a5481e0f37b92f8acdc5f03ef | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
