36c115d0bc
Fixes the following security issues: - CVE-2021-40346: An integer overflow exists in HAProxy 2.0 through 2.5 in the htx_add_header() can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. For more details, see the advisory: https://www.mail-archive.com/haproxy@formilux.org/msg41114.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| haproxy.hash | ||
| haproxy.mk | ||