Google Git
Sign in
android-kvm / buildroot / 53e878affaa994ae8b1f3c27f23cf6792836f2fb
commit53e878affaa994ae8b1f3c27f23cf6792836f2fb[log] [tgz]
authorPeter Korsgaard <peter@korsgaard.com>Thu Apr 09 09:18:33 2020 +0200
committerPeter Korsgaard <peter@korsgaard.com>Thu Apr 09 09:25:25 2020 +0200
treeaec43765429e5252058bdb2e419c3779862fc616
parent37b0d4b687986797b98fc1e2b24d347bd5955332 [diff]
package/haproxy: security bump to version 2.0.14

- Fix CVE-2020-11100: In hpack_dht_insert in hpack-tbl.c in the HPACK
  decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can
  write arbitrary bytes around a certain location on the heap via a
  crafted HTTP/2 request, possibly causing remote code execution.

  https://www.mail-archive.com/haproxy@formilux.org/msg36877.html

- Update indentation of hash file (two spaces)

Furthermore, 2.0.11..2.0.13 contains a number of bugfixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2 files changed
tree: aec43765429e5252058bdb2e419c3779862fc616
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. utils/
  13. .defconfig
  14. .flake8
  15. .gitignore
  16. .gitlab-ci.yml
  17. .gitlab-ci.yml.in
  18. CHANGES
  19. Config.in
  20. Config.in.legacy
  21. COPYING
  22. DEVELOPERS
  23. Makefile
  24. Makefile.legacy
  25. README