SUSE-SU-2015:1776-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20151776-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1776-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:1776-1
Related
Published
2015-09-25T13:22:07Z
Modified
2015-09-25T13:22:07Z
Summary
Security update for haproxy
Details

haxproy was updated to backport various security fixes and related patches (bsc#937202) (bsc#937042) (CVE-2015-3281)

  • BUG/MAJOR: buffers: make the bufferslowrealign() function respect output data
  • BUG/MINOR: ssl: fix smpfetchsslfcsession_id
  • MEDIUM: ssl: replace standards DH groups with custom ones
  • BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
  • MINOR: ssl: add a destructor to free allocated SSL ressources
  • BUG/MINOR: ssl: Display correct filename in error message
  • MINOR: ssl: load certificates in alphabetical order
  • BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
  • BUG/MEDIUM: ssl: force a full GC in case of memory shortage
  • BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
  • BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
  • MINOR: ssl: add statement to force some ssl options in global.
  • MINOR: ssl: add fetchs 'sslcder' and 'sslfder' to return DER formatted certs

Also the init script was fixed for the haproxy status checks (bsc#947204)

References

Affected packages

SUSE:OpenStack Cloud 5 / haproxy

Package

Name
haproxy
Purl
pkg:rpm/suse/haproxy&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.4-12.1

Ecosystem specific

{
    "binaries": [
        {
            "haproxy": "1.5.4-12.1"
        }
    ]
}