Описание
Security update for haproxy
This update for haproxy fixes the following issues:
- CVE-2023-0056: Fixed a server crash that could be triggered via a malformed HTTP/2 frame (bsc#1207181).
Список пакетов
SUSE Linux Enterprise High Availability Extension 15 SP4
haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
SUSE Linux Enterprise Micro 5.3
haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
openSUSE Leap 15.4
haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
openSUSE Leap Micro 5.3
haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
Ссылки
- Link for SUSE-SU-2023:0153-1
- E-Mail link for SUSE-SU-2023:0153-1
- SUSE Security Ratings
- SUSE Bug 1207181
- SUSE CVE CVE-2023-0056 page
Описание
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
Затронутые продукты
SUSE Linux Enterprise High Availability Extension 15 SP4:haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
SUSE Linux Enterprise Micro 5.3:haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
openSUSE Leap 15.4:haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
openSUSE Leap Micro 5.3:haproxy-2.4.8+git0.d1f8d41e0-150400.3.6.1
Ссылки
- CVE-2023-0056
- SUSE Bug 1207181