ELSA-2015-1741 -- Oracle haproxyID: oval:org.secpod.oval:def:26791 | Date: (C)2015-09-23 (M)2024-05-29 |
Class: PATCH | Family: unix |
HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy"s buffer_slow_realign function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.