UbuntuUpdates.org

Package "haproxy"

Name: haproxy

Description:

fast and reliable load balancing reverse proxy
Latest version: 2.4.30-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: proposed
Repository: main
Homepage: http://www.haproxy.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "haproxy"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "haproxy" in Jammy

Repository Area Version
base main 2.4.14-1ubuntu1
base universe 2.4.14-1ubuntu1
security main 2.4.24-0ubuntu0.22.04.3
security universe 2.4.24-0ubuntu0.22.04.3
updates universe 2.4.30-0ubuntu0.22.04.1
updates main 2.4.30-0ubuntu0.22.04.1
proposed universe 2.4.30-0ubuntu0.22.04.1

Changelog

Version: 2.4.30-0ubuntu0.22.04.1 2026-01-08 23:08:28 UTC

  haproxy (2.4.30-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream version (LP: #2127664)
    - Fix an issue in H2 where 'Z' character was not rejected as expected from
      header field names
    - For further information, see the upstream release notes:
      + https://<email address hidden>/msg46188.html
  * d/p/CVE-2025-11230.patch: drop patch fixed upstream in 2.4.30

 -- Athos Ribeiro <email address hidden> Wed, 03 Dec 2025 13:00:30 -0300
2127664 New HAProxy upstream microreleases 2.4.30, 2.8.16, and 3.0.12
CVE-2025-11230 BUG/CRITICAL: mjson: fix possible DoS when parsing numbers

Version: *DELETED* 2025-11-16 16:07:05 UTC
No changelog for deleted or moved packages.

Version: 2.4.29-0ubuntu0.22.04.1 2025-10-23 23:07:16 UTC

  haproxy (2.4.29-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream version (LP: #2112526)
    - This new version includes several bug fixes.
    - The SSL stack is now always completely initialized.
    - For further information, see the upstream release notes:
      + https://<email address hidden>/msg44427.html
      + https://<email address hidden>/msg44784.html
      + https://<email address hidden>/msg45071.html
      + https://<email address hidden>/msg45416.html
      + https://<email address hidden>/msg45810.html
  * d/p/CVE-2025-32464.patch: drop patch applied upstream

 -- Athos Ribeiro <email address hidden> Fri, 10 Oct 2025 11:50:23 -0300
2112526 Micro release updates for jammy, noble, and plucky
CVE-2025-32464 HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the repl

Version: *DELETED* 2024-01-06 01:06:54 UTC
No changelog for deleted or moved packages.

Version: 2.4.24-0ubuntu0.22.04.1 2023-12-08 16:08:18 UTC

  haproxy (2.4.24-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream release (LP: #2028418)
    - Major and critical bug fixes according to the upstream changelog:
      + BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value
        replacement
      + BUG/MAJOR: http: reject any empty content-length header value
    - For further information, refer to the upstream changelog at
      https://www.haproxy.org/download/2.4/src/CHANGELOG and to the upstream
      release announcements at
      https://<email address hidden>/msg43664.html
      (2.4.23), and
      https://<email address hidden>/msg43901.html (2.4.24)
    - Remove patches applied by upstream in debian/patches:
      + CVE-2023-40225-1.patch
      + CVE-2023-40225-2.patch

 -- Athos Ribeiro <email address hidden> Tue, 31 Oct 2023 11:16:29 -0300
2028418 MRE updates of haproxy for focal, jammy and lunar
CVE-2023-40225 HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x


About   -   Send Feedback to @ubuntu_updates