RHSA-2020:1725-01 -- Redhat haproxyID: oval:org.secpod.oval:def:66792 | Date: (C)2020-11-09 (M)2022-10-10 |
Class: PATCH | Family: unix |
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. The following packages have been upgraded to a later upstream version: haproxy . Security Fix: * haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value * haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the CentOS 8.2 Release Notes linked from the References section.