SUSE-SU-2022:2277-1

Опубликовано: 06 июл. 2022

Источник: suse-cvrf

Описание

Security update for haproxy

This update for haproxy fixes the following issues:

CVE-2022-0711: haproxy: Denial of service via set-cookie2 header (bsc#1196408).

Список пакетов

SUSE Linux Enterprise High Availability Extension 15 SP4

haproxy-2.4.8+git0.d1f8d41e0-150400.3.3.13

openSUSE Leap 15.4

haproxy-2.4.8+git0.d1f8d41e0-150400.3.3.13

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222277-1/
Link for SUSE-SU-2022:2277-1
https://lists.suse.com/pipermail/sle-security-updates/2022-July/011409.html
E-Mail link for SUSE-SU-2022:2277-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1196408
SUSE Bug 1196408
https://www.suse.com/security/cve/CVE-2022-0711/
SUSE CVE CVE-2022-0711 page

Описание

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.

Затронутые продукты

SUSE Linux Enterprise High Availability Extension 15 SP4:haproxy-2.4.8+git0.d1f8d41e0-150400.3.3.13

openSUSE Leap 15.4:haproxy-2.4.8+git0.d1f8d41e0-150400.3.3.13

Ссылки

https://www.suse.com/security/cve/CVE-2022-0711.html
CVE-2022-0711
https://bugzilla.suse.com/1196408
SUSE Bug 1196408

SUSE-SU-2022:2277-1

Описание

Список пакетов

SUSE Linux Enterprise High Availability Extension 15 SP4

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-0711

Описание

Затронутые продукты

Ссылки