UbuntuUpdates.org

Package "haproxy"

Name: haproxy

Description:

fast and reliable load balancing reverse proxy
Latest version: 2.8.15-0ubuntu0.24.04.1
Release: noble (24.04)
Level: updates
Repository: main
Homepage: http://www.haproxy.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "haproxy"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "haproxy" in Noble

Repository Area Version
base universe 2.8.5-1ubuntu3
base main 2.8.5-1ubuntu3
security universe 2.8.5-1ubuntu3.4
security main 2.8.5-1ubuntu3.4
updates universe 2.8.15-0ubuntu0.24.04.1
proposed main 2.8.15-0ubuntu0.24.04.1
proposed universe 2.8.15-0ubuntu0.24.04.1

Changelog

Version: 2.8.15-0ubuntu0.24.04.1 2025-11-13 22:07:21 UTC

  haproxy (2.8.15-0ubuntu0.24.04.1) noble; urgency=medium

  * New upstream version (LP: #2112526)
    - This new release introduce several fixes, including bug fixes for QUIC,
      for the SSL stack, and LUA.
    - New configuration options were introduced, and a new default value for
      the hard limit on the number of file descriptors was introduced. These
      are described in the Debian NEWS file.
    - For further information, see the upstream release notes:
      + https://<email address hidden>/msg44606.html
      + https://<email address hidden>/msg44632.html
      + https://<email address hidden>/msg44787.html
      + https://<email address hidden>/msg44790.html
      + https://<email address hidden>/msg45060.html
      + https://<email address hidden>/msg45317.html
      + https://<email address hidden>/msg45413.html
      + https://<email address hidden>/msg45486.html
      + https://<email address hidden>/msg45570.html
      + https://<email address hidden>/msg45806.html
  * d/NEWS: add NEWS file.
  * Dropped paches applied upstream:
    - d/p/CVE-2024-53008-1.patch
    - d/p/CVE-2024-53008-2.patch
    - d/p/CVE-2025-32464.patch

 -- Athos Ribeiro <email address hidden> Wed, 08 Oct 2025 10:50:30 -0300
Source diff to previous version
2112526 Micro release updates for jammy, noble, and plucky
CVE-2024-53008 Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remo
CVE-2025-32464 HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the repl

Version: 2.8.5-1ubuntu3.4 2025-10-06 21:08:23 UTC

  haproxy (2.8.5-1ubuntu3.4) noble-security; urgency=medium

  * SECURITY UPDATE: DoS via MJSON
    - debian/patches/CVE-2025-11230.patch: fix possible DoS when parsing
      numbers in src/mjson.c.
    - CVE-2025-11230

 -- Marc Deslauriers <email address hidden> Wed, 01 Oct 2025 13:01:09 -0400
Source diff to previous version
CVE-2025-11230 BUG/CRITICAL: mjson: fix possible DoS when parsing numbers

Version: 2.8.5-1ubuntu3.3 2025-04-10 18:06:58 UTC

  haproxy (2.8.5-1ubuntu3.3) noble-security; urgency=medium

  * SECURITY UPDATE: heap overflow in sample_conv_regsub
    - debian/patches/CVE-2025-32464.patch: fix risk of overflow when
      replacing multiple regex back-refs in src/sample.c.
    - CVE-2025-32464

 -- Marc Deslauriers <email address hidden> Wed, 09 Apr 2025 08:50:46 -0400
Source diff to previous version
CVE-2025-32464 HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the repl

Version: 2.8.5-1ubuntu3.2 2024-12-03 04:06:45 UTC

  haproxy (2.8.5-1ubuntu3.2) noble-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-53008-1.patch: Check pseudo-header method
      contains only valid characters according to RFC 9110
    - debian/patches/CVE-2024-53008-2.patch: Check pseudo-header scheme
      contains only valid characters according to RFC 9110
    - CVE-2024-53008

 -- Bruce Cable <email address hidden> Mon, 02 Dec 2024 15:01:44 +1100
Source diff to previous version
CVE-2024-53008 Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remo

Version: 2.8.5-1ubuntu3.1 2024-11-14 23:07:00 UTC

  haproxy (2.8.5-1ubuntu3.1) noble; urgency=medium

  * SRU: LP: #2083480: No-change rebuild to disable frame pointers on
    ppc64el and s390x.

 -- Matthias Klose <email address hidden> Wed, 02 Oct 2024 14:40:51 +0200


About   -   Send Feedback to @ubuntu_updates