USN-6294-2: HAProxy vulnerability
17 August 2023
HAProxy could allow unintended access to network services.
Releases
Packages
- haproxy - fast and reliable load balancing reverse proxy
Details
USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the
corresponding updates for Ubuntu 20.04 LTS.
Original advisory details:
Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length
headers. A remote attacker could possibly use this issue to manipulate the
payload and bypass certain restrictions.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-6294-1: haproxy-doc, haproxy, vim-haproxy