-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 15 Jun 2013 11:27:32 +0200 Source: haproxy Binary: haproxy Architecture: source i386 Version: 1.4.8-1+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: Arnaud Cornet <acornet@debian.org> Changed-By: Vincent Bernat <bernat@debian.org> Description: haproxy - fast and reliable load balancing reverse proxy Closes: 674447 704611 Changes: haproxy (1.4.8-1+squeeze1) squeeze-security; urgency=high . * CVE-2013-1912: buffer overflow when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules and running with rewrite rules that appends to requests. Closes: #704611. * CVE-2012-2942: buffer overflow in the trash buffer in the header capture functionality when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled. Closes: #674447. * CVE-2013-2175: fix a possible crash when using negative header occurrences. Checksums-Sha1: 53032a347ad5f0a338049f78a16dc0cc24d43b17 1721 haproxy_1.4.8-1+squeeze1.dsc 3b7a982ba7fb01d43826f5af5e95c86080ae0ca3 778220 haproxy_1.4.8.orig.tar.gz 33901a1e9b0051e249bc2b3f9890049523b934df 13650 haproxy_1.4.8-1+squeeze1.debian.tar.gz 611331a56b857041db0a636e0c0d1c7e3bfbbeef 506684 haproxy_1.4.8-1+squeeze1_i386.deb Checksums-Sha256: d9f08e7c388be0accc6ded7b3bc4b4b4e6f0a1fd9d62345fceb24921f2d46076 1721 haproxy_1.4.8-1+squeeze1.dsc 707487ade815cbd37492d91a014f9a5b3ac313e5b4cb31e2d7c4d2a16f4a23f1 778220 haproxy_1.4.8.orig.tar.gz f403577021ce7d845805965f31eb94d343043228322007511b4fbd3f6fd0047c 13650 haproxy_1.4.8-1+squeeze1.debian.tar.gz a00401a5f7f8dc499ba806f4144af654c07eab6ed0c418903df24497697ed991 506684 haproxy_1.4.8-1+squeeze1_i386.deb Files: 97a0b0a035cbf453ca95d0b45c5ac253 1721 net optional haproxy_1.4.8-1+squeeze1.dsc 104f4985b37bd9bac7a33e20fb6aaadf 778220 net optional haproxy_1.4.8.orig.tar.gz 0e1878cbfd1b0bdff1451304af14b1d8 13650 net optional haproxy_1.4.8-1+squeeze1.debian.tar.gz d470c9a1614ca45e9436769db85e2241 506684 net optional haproxy_1.4.8-1+squeeze1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRv2jOAAoJEJWkL+g1NSX5sxcP/jX2FWvajqLyrDy4kCTetvey pY8uPLCQ2viZWuDaj7aCQhgbFJ0/0e+WDkJ8+jZMpCzaHUzSYs3EXthaWu1Jl4B1 rOFNnAy+fC+Gld2liyU03MUhQzQ10iM71zuTMKoei2kXHwzx5IxCz/x+chyKjeCS 5FsaEibFWtB82AXcF/8OUM2f9ZKbcLe7QVkcb8K7N1x7YN1DT/h1OEbNMH3TNj1k OofQly8I5Sftees+zTtT0cMEgrHi/i9LRX3wsXA3XylBLsS4cvIjfWMJLmNb+ZJO vGdGez+2Uz5halSl15xDC6XnPz86nc2dgP6/5ghw0fdyUtH+wOS6PwmKYlGRgzKP W9ANXe2i2rqLQ22Uq9upPViFqlBchsd1qJv3vycqlPu85ROqpmBPes2sqbDrSkwu dJ1J3rQECyEpOxPjVwCm1xNMzt1HfKaRvLr880JPa6FeCDLrzlmAjRKZEg3WHw0L dZBFjEXyB5NH9yadty7P4rEEG0Z0j0JfTU67qqwWNE4tYWID3l5LuTjDjUOf8ZuA 234Y4/CnP/O4VTvsO4hASif/ha80Q1w8OYxI/XbvABgwDdIU2lcmRzcvjY3LY4mt 5NJ2eV/fA6fdCt6JKrc5/BnsasqjBjAQrvAzfdKc/skV98k6WDUUeG5+/ESYj3bV SbOImYCmDR4acq/joYvI =vVaG -----END PGP SIGNATURE-----
