Bug 31557

Summary: haproxy new security issues CVE-2023-0056 and CVE-2023-25725
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Bruno Cornec <bruno>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: bruno
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: haproxy-2.6.7-1.mga9.src.rpm CVE:
Status comment:

Description David Walser 2023-02-15 17:41:30 CET 
Debian has issued an advisory on February 14:
https://www.debian.org/security/2023/dsa-5348

The issues are fixed upstream in 2.6.9.
Comment 1 David Walser 2023-02-15 17:45:43 CET 
Ubuntu has issued an advisory for the second issue on February 14:
https://ubuntu.com/security/notices/USN-5869-1
Comment 2 Bruno Cornec 2023-02-16 15:06:09 CET 
2.6.9 pushed to cauldron.

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Bruno Cornec 2023-02-16 15:06:26 CET

CC: (none) => bruno

Comment 3 David Walser 2023-04-17 14:54:02 CEST 
This update also fixed CVE-2023-0836:
https://www.debian.org/security/2023/dsa-5388