ELSA-2024-1142 - haproxy security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2024-03-06 |
Description
[2.4.22-3]
- Reject '#' as part of URI path component (CVE-2023-45539, RHEL-18169)
[2.4.22-2]
- Reject any empty content-length header value (CVE-2023-40225, RHEL-7736)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | haproxy-2.4.22-3.el9_3.src.rpm | e2210a7dfd33828e10311b0b436cb8150287697f154fd8beea00ca5b8738b32e | - | ol9_aarch64_appstream |
| haproxy-2.4.22-3.el9_3.aarch64.rpm | 5bf46de4d66f7a9399b2b99d2fa7d6c4173bad2a95d0be2580daa2903d05493e | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | haproxy-2.4.22-3.el9_3.src.rpm | e2210a7dfd33828e10311b0b436cb8150287697f154fd8beea00ca5b8738b32e | - | ol9_x86_64_appstream |
| haproxy-2.4.22-3.el9_3.x86_64.rpm | 8e4a63b4ba808fe1449c184b175468b11a4a7179da6c601f681b76236fdd59f3 | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
