[ALSA-2024:1142] Moderate: haproxy security update
Type:
security
Severity:
moderate
Release date:
2024-03-06
Description:
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fix(es): * haproxy: Proxy forwards malformed empty Content-Length headers (CVE-2023-40225) * haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers (CVE-2023-45539) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 haproxy-2.4.22-3.el9_3.aarch64.rpm 5f16e8f4c2283534901023230a98fd38ea56c9170a74d8a30a678a046646acdd
ppc64le haproxy-2.4.22-3.el9_3.ppc64le.rpm 7fda9008464b763d95e6d4354f765b3db6d7ccabd96b62e54758ee785ddd8eab
s390x haproxy-2.4.22-3.el9_3.s390x.rpm a1ada0a47fb6161557040e4eeb4aef03c4a68b439e86967fd81fc2b32674a2a1
x86_64 haproxy-2.4.22-3.el9_3.x86_64.rpm e6950760c647e83fe460a7bae2964ee3d1277fabe38124d4001df9a261315a75
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.