You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa haproxy

Sigurnosni nedostatak programskog paketa haproxy

==========================================================================
Ubuntu Security Notice USN-3011-1
June 20, 2016

haproxy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

HAProxy could be made to crash if it received specially crafted network
traffic.

Software Description:
– haproxy: fast and reliable load balancing reverse proxy

Details:

Falco Schmutz discovered that HAProxy incorrectly handled the reqdeny
filter. A remote attacker could use this issue to cause HAProxy to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
haproxy 1.6.3-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3011-1
CVE-2016-5360

Package Information:
https://launchpad.net/ubuntu/+source/haproxy/1.6.3-1ubuntu0.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJXaDIMAAoJEGVp2FWnRL6T3UkP/1NfBqivd2FdAfMJ/H+WdNU/
5pTbofMIRLr/EM1dQ+wjNxbCtLTlc0wL/jaAzO8AF2JjSi+x8KWu087K75FMnj9+
NW5UkHfd0/GWUK38QJGM/wk5v2MTjdjGZ8vX0TC5EFknQSvdO772xM6q/DXtTvQu
J6iYzzacZTPv32oCZTlJZFTRPQfT/evQiNUZDvjEyyJ4UumAQMg4C195/JPYBVy6
3nngZjVviqovFpJFfmdHKMC0uAkvgivJa4T+LzDlIkpRrJR88F0wj3AZ55iP2Umr
RRiaCeS2n7eEh7IDEXEPOr7CAMeVUQoII0DXmAfAKMiNEzDn8Oo102YWenrTwJ12
kfGlGuB2Fw+bEjktskez/tV5fSks7KecHEV3lHwmRKbgQW2KHjQkk5m8ARJzWnXp
vH24MR8Gk6mMAaINoRgcEA2gaL20XO24MtyMJf/29JcQxJnJQHH4billiZ8sGgXL
o+/slYX8SFdmP1s3qNCG5VyttcALIlCSOU/Z39zgZJXDS7bYw52zGlDb7t77vBIb
/HUFEHu6Mm6zhCiPL+3+f5TJSx+76+7q7qE1a++kCxHmc2nxS9ItuuuEX1gc4z6v
5dlROle9Ysg9xZcid4r/CFlP+QYQrVkQrr14OQfxATq58dEgFLPYaiy/p6yw8CWo
f0tFTnvWkwVpp+EbBCu9
=DKM7
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa wget

Otkriven je sigurnosni nedostatak u programskom paketu wget za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izmjenu lokalnih datoteka....

Close