-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmVvN3MACgkQZWnYVadE
vpOnPA/+K1jIyjSntBdiek8pDL1Mrhfnu1nJjtUasAXW5Ch9Us0n09gSoXqQ9H7A
IBIyE3si7kd4iqjHljqMBtgBUogmXXEAGWTBXhOQDm7FEzhmnntGWkUxtBnpk5UC
+15BhGRLN29VRWOPyhzvR3k/ugPdYLQduMiAMDkj2NXh9Z4G24hGgiYAShcHgkVg
XoAAGFPxLv9w8iVpmEVx/+rj7+qa5wFZusPSXrNetVAe35SKzUystj9kjvtCYiAh
ayewDbnhKhP6T4OH1aSSFqwXl32MfWHUEDPfq5v4cbzb+TmtWUjLnzgv+wb4WAyO
+wS0OLYYbSvFvP94jQdVyYNJyVegHhjwgqqTtu7rK9pG1CY83w3KvuOVXHE4/sBc
sfF9aTITkmofPwse9vbk/DY7uHVW05HmPiSjoPGgcHW+YSbiOE2Y0LWgOKjnWb6Q
4Z6u7B/8idyisCGGPGBK8UbqkAheauqp8ypP4F+/Sfk2taIn4Y8htjIdYnmpX2qT
Yh7A9Q74rUL67qpJEK5vnYem1BpyktfgoXw1I+I+Mku4J6xsrmWPg0iL3ffzCO57
oVbOPyyviA6/yf9oFoEHrlnv7mR0xfUGmTPbwWgsx9fg8WufVtKe8/1+Mh+Pf4Y6
lu6Rhto0+g0+9F4PqVEC7f8unby8MwdLCUOQI4vPhFY2HoR8inY=
=mztn
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6530-1
December 05, 2023
haproxy vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
HAProxy could be made to expose sensitive information.
Software Description:
- haproxy: fast and reliable load balancing reverse proxy
Details:
It was discovered that HAProxy incorrectly handled URI components
containing the hash character (#). A remote attacker could possibly use
this issue to obtain sensitive information, or to bypass certain path_end
rules.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
haproxy 2.6.9-1ubuntu1.2
Ubuntu 22.04 LTS:
haproxy 2.4.22-0ubuntu0.22.04.3
Ubuntu 20.04 LTS:
haproxy 2.0.31-0ubuntu0.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6530-1
CVE-2023-45539
Package Information:
https://launchpad.net/ubuntu/+source/haproxy/2.6.9-1ubuntu1.2
https://launchpad.net/ubuntu/+source/haproxy/2.4.22-0ubuntu0.22.04.3
https://launchpad.net/ubuntu/+source/haproxy/2.0.31-0ubuntu0.3
No comments:
Post a Comment