Package "haproxy-doc"

  haproxy (2.0.29-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via certain interim responses
    - debian/patches/CVE-2023-0056.patch: refuse interim responses with
      end-stream flag set in src/mux_h2.c.
    - CVE-2023-0056

 -- Marc Deslauriers <email address hidden> Thu, 19 Jan 2023 10:50:52 -0500

  haproxy (2.0.29-0ubuntu1) focal; urgency=medium

  * New upstream release (LP: #1987914).
    - Major and critical bug fixes according to the upstream changelog:
      + http-ana: Always abort the request when a tarpit is triggered
      + list: fix invalid element address calculation
      + proxy_protocol: Properly validate TLV lengths
      + hpack: never index a header into the headroom after wrapping
      + stream-int: always detach a faulty endpoint on connect failure
      + stream: Mark the server address as unset on new outgoing connection
      + dns: Make the do-resolve action thread-safe
      + contrib/spoa-server: Fix unhandled python call leading to memory leak
      + mux-h2: Don't try to send data if we know it is no longer possible
      + spoe: Be sure to remove all references on a released spoe applet
      + filters: Always keep all offsets up to date during data filtering
      + peers: fix partial message decoding
      + spoa/python: Fixing return None
      + dns: fix null pointer dereference in snr_update_srv_status
      + dns: disabled servers through SRV records never recover
      + mux-h2: Properly detect too large frames when decoding headers
      + server: prevent deadlock when using 'set maxconn server'
      + htx: Fix htx_defrag() when an HTX block is expanded
      + queue: set SF_ASSIGNED when setting strm->target on dequeue
      + server: fix deadlock when changing maxconn via agent-check
      + h2: enforce stricter syntax checks on the :method pseudo-header
      + htx: fix missing header name length check in htx_add_header/trailer
      + lua: use task_wakeup() to properly run a task once
      + http/htx: prevent unbounded loop in http_manage_server_side_cookies
      + spoe: properly detach all agents when releasing the applet
      + mux-h2: Be sure to always report HTX parsing error to the app layer
      + sched: prevent rare concurrent wakeup of multi-threaded tasks
      + mux-pt: Always destroy the backend connection on detach
      + dns: multi-thread concurrency issue on UDP socket
      + mux_pt: always report the connection error to the conn_stream
    - Refresh haproxy.service-*.patch.
    - Remove patches applied by upstream in debian/patches:
      + 0001-2.0-2.3-BUG-MAJOR-htx-fix-missing-header-name-length-check-i.patch
      + 0001-BUG-CRITICAL-hpack-never-index-a-header-into-the-hea.patch
      + 2.0-0001-BUG-MAJOR-h2-enforce-checks-on-the-method-syntax-bef.patch
      + CVE-2022-0711.patch
      + lp1894879-BUG-MEDIUM-dns-*.patch

 -- Lucas Kanashiro <email address hidden> Fri, 26 Aug 2022 17:07:24 -0300

  haproxy (2.0.13-2ubuntu0.5) focal-security; urgency=medium

  * SECURITY UPDATE: infinite loop via Set-Cookie2 header
    - debian/patches/CVE-2022-0711.patch: prevent unbounded loop in
      src/http_ana.c.
    - CVE-2022-0711
  * debian/rules: link against libatomic on riscv64.

 -- Marc Deslauriers <email address hidden> Wed, 02 Mar 2022 07:56:19 -0500

  haproxy (2.0.13-2ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: duplicate content-length header check bypass in HTX
    - d/p/0001-2.0-2.3-BUG-MAJOR*.patch: fix missing header name length
      check in htx_add_header/trailer in src/htx.c.
    - CVE number pending

 -- Marc Deslauriers <email address hidden> Fri, 27 Aug 2021 07:48:39 -0400

  haproxy (2.0.13-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Security issue in HTTP/2 implementation
    - d/p/2.0-0001*.patch: enforce checks on the method syntax before
      translating to HTX.
    - No CVE number

 -- Marc Deslauriers <email address hidden> Mon, 16 Aug 2021 07:42:00 -0400