Описание
Security update for haproxy
This update for haproxy fixes the following issues:
- CVE-2025-32464: Fixed heap-based buffer overflow in sample_conv_regsub. (bsc#1240971)
Список пакетов
SUSE Linux Enterprise High Availability Extension 15 SP4
haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise High Availability Extension 15 SP5
haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise Micro 5.3
haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise Micro 5.4
haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise Micro 5.5
haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
Ссылки
- Link for SUSE-SU-2025:1338-1
- E-Mail link for SUSE-SU-2025:1338-1
- SUSE Security Ratings
- SUSE Bug 1240971
- SUSE CVE CVE-2025-32464 page
Описание
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.
Затронутые продукты
SUSE Linux Enterprise High Availability Extension 15 SP4:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise High Availability Extension 15 SP5:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise Micro 5.3:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
SUSE Linux Enterprise Micro 5.4:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1
Ссылки
- CVE-2025-32464
- SUSE Bug 1240971