AVG-836 log
| Package | haproxy |
| Status | Fixed |
| Severity | Medium |
| Type | denial of service |
| Affected | 1.8.14-1 |
| Fixed | 1.9.0-1 |
| Current |
3.2.8-2 [extra-testing] 3.2.8-1 [extra] |
| Ticket | None |
| Created | Tue Dec 18 13:09:24 2018 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2018-20103 | Medium | Yes | Denial of service | A stack-exhaustion issue has been found in HAProxy before 1.8.15, in the dns_read_name() function in dns.c, where an infinite recursion can be triggered via... |
| CVE-2018-20102 | Low | Yes | Denial of service | A stack-based out-of-bounds read has been found in HAProxy before 1.8.15, in the dns_validate_dns_response() function in dns.c, where it can be triggered by... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 24 Jan 2019 | ASA-201901-15 | haproxy | denial of service |
| References |
|---|
https://www.mail-archive.com/haproxy@formilux.org/msg32055.html |