haproxy (1.4.24-1) unstable; urgency=high

  [ Vincent Bernat ]
  * New upstream version.
    + CVE-2013-2175: fix a possible crash when using negative header
      occurrences.

  [ Prach Pongpanich ]
  * Drop bashism patch. It seems useless to maintain a patch to convert
    example scripts from /bin/bash to /bin/sh.
  * Fix reload/restart action of init script (LP: #1187469).

 -- Vincent Bernat <email address hidden>  Mon, 17 Jun 2013 21:56:26 +0200

haproxy (1.4.23-1) unstable; urgency=low

  [ Apollon Oikonomopoulos ]
  * New upstream version (Closes: #643650, #678953)
    + This fixes CVE-2012-2942 (Closes: #674447)
    + This fixes CVE-2013-1912 (Closes: #704611)
  * Ship vim addon as vim-haproxy (Closes: #702893)
  * Check for the configuration file after sourcing /etc/default/haproxy
    (Closes: #641762)
  * Use /dev/log for logging by default (Closes: #649085)

  [ Vincent Bernat ]
  * debian/control:
    + add Vcs-* fields
    + switch maintenance to Debian HAProxy team. (Closes: #706890)
    + drop dependency to quilt: 3.0 (quilt) format is in use.
  * debian/rules:
    + don't explicitly call dh_installchangelog.
    + use dh_installdirs to install directories.
    + use dh_install to install error and configuration files.
    + switch to `linux2628` Makefile target for Linux.
  * debian/postrm:
    + remove haproxy user and group on purge.
  * Ship a more minimal haproxy.cfg file: no `listen` blocks but `global`
    and `defaults` block with appropriate configuration to use chroot and
    logging in the expected way.

  [ Prach Pongpanich ]
  * debian/copyright:
    + add missing copyright holders
    + update years of copyright
  * debian/rules:
    + build with -Wl,--as-needed to get rid of unnecessary depends
  * Remove useless files in debian/haproxy.{docs,examples}
  * Update debian/watch file, thanks to Bart Martens

 -- Vincent Bernat <email address hidden>  Mon, 06 May 2013 20:02:14 +0200

haproxy (1.4.18-0ubuntu3) raring; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via non-default global.tune.bufsize.
    - debian/patches/CVE-2012-2942.patch: check buffer sizes in
      include/types/global.h, src/acl.c, src/cfgparse.c, src/checks.c,
      src/dumpstats.c, src/haproxy.c, src/proto_http.c,
      tests/0000-debug-stats.diff.
    - CVE-2012-2942
  * SECURITY UPDATE: denial of service via HTTP information in tcp-request
    - debian/patches/CVE-2013-1912.patch: properly handle buffers in
      src/proto_http.c.
    - CVE-2013-1912

 -- Marc Deslauriers <email address hidden>  Fri, 05 Apr 2013 10:12:47 -0400