drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in HAProxy
Name: |
Denial of Service in HAProxy |
|
ID: |
USN-3780-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS |
|
Datum: |
Di, 2. Oktober 2018, 22:44 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14645 |
|
Applikationen: |
HAproxy |
|
Originalnachricht |
--===============8211549496613282572== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-+6Y167leQB1eYmJmN5Oc"
--=-+6Y167leQB1eYmJmN5Oc Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3780-1 October 02, 2018
haproxy vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
HAProxy could be made to crash if it received a specially crafted request.
Software Description: - haproxy: fast and reliable load balancing reverse proxy
Details:
It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: haproxy 1.8.8-1ubuntu0.2
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3780-1 CVE-2018-14645
Package Information: https://launchpad.net/ubuntu/+source/haproxy/1.8.8-1ubuntu0.2 --=-+6Y167leQB1eYmJmN5Oc Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJbs8HQAAoJEEW851uECx9pnQsQAI33FwjpNo+eyw+5k8ZxkGhH dXtH8i8qh0pIWRzz3gFAkUMCcyet2ZUnAirRNXR2UN11nSxjVb7TyKv/CaisvAGj eub6/ihCxcgwetigoNhqsJMxaTk7cVus3Kk62zAN/ZFriWRsCta9tE//ZOQHzAWe XX0NJNDZv0yPuN4y6NS2z8OK2ydkYTdy1RyLCItFOSxuMzUOnCi2Ceqjcs7flRbA A9OVYwnz0TmY1ZBvYQUL4DAgXYtZCLE4N4Zvdh9ntO6JgnjGDYSKcdFU3tvxSfu3 ouh6bs/Uo0z1/V8CnYyAEYr7tGGt3wXsDsKxu93kDHxaJAed/J/M4EHIlbpNgl70 1/i9eJ+PJ3DSoBkhLPiItgJcRiJTzvpkBgutBwlLQtW2XRYEoZbyDXTtp6AKxwA1 lIUTInB8JTLTfH6S4S6XMLLiyRV/4oYELZ0IAscvYjt4iA+E4cjkz1dFncdMOo4z KjvC1EOOB8/NqJI7Rt7Q3ciVgW2xzyrBmqfxHiZecti/HCpWm6pFOD7X4DgpRijO O3jFQDZPytcVhEba0XPqhq6XEsfJrxTHLPgbUfDwojict0h0+V5D7mgvRkTOFPGh vO/k+6BcLxvKto3lyH6lPQsolZBgHT4ES9QYq8SdT33NKMLpgfutUHMFA7IvVJrD MQw1mpxzBeruB7l1SrFz =gW5v -----END PGP SIGNATURE-----
--=-+6Y167leQB1eYmJmN5Oc--
--===============8211549496613282572== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============8211549496613282572==--
|
|
|
|