NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/haproxy: security bump to version 1.9.15

Browse Source 
- Fix CVE-2020-11100: In hpack_dht_insert in hpack-tbl.c in the HPACK
  decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can
  write arbitrary bytes around a certain location on the heap via a
  crafted HTTP/2 request, possibly causing remote code execution.

  https://www.mail-archive.com/haproxy@formilux.org/msg36878.html

Furthermore, 1.9.14 contains a number of bugfixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2020-04-09 09:41:47 +02:00
parent 8fd5c96339
commit 8be2d4ab29
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/haproxy/haproxy.hash
View File

@ -1,5 +1,5 @@
# Locally computed:
sha256 adae40f963b03df0917edc44681064627f77683dcf7db66ef030672ad6d00547 haproxy-1.9.13.tar.gz
sha256 291871c7f0145da14cc7222d2f68d3a0ec1c10734d91fd933226d3a103aebea5 haproxy-1.9.15.tar.gz
sha256 0717ca51fceaa25ac9e5ccc62e0c727dcf27796057201fb5fded56a25ff6ca28 LICENSE
sha256 5df07007198989c622f5d41de8d703e7bef3d0e79d62e24332ee739a452af62a doc/lgpl.txt
sha256 ddb9db7630752f8fdc6898f7c99a99eaeeac5213627ecb093df9c82f56175dc7 doc/gpl.txt

2
package/haproxy/haproxy.mk
View File

@ -5,7 +5,7 @@
################################################################################
HAPROXY_VERSION_MAJOR = 1.9
HAPROXY_VERSION = $(HAPROXY_VERSION_MAJOR).13
HAPROXY_VERSION = $(HAPROXY_VERSION_MAJOR).15
HAPROXY_SITE = http://www.haproxy.org/download/$(HAPROXY_VERSION_MAJOR)/src
HAPROXY_LICENSE = GPL-2.0+ and LGPL-2.1+ with exceptions
HAPROXY_LICENSE_FILES = LICENSE doc/lgpl.txt doc/gpl.txt