Bugzilla – Bug 895849
VUL-0: CVE-2014-6269: haproxy: read out of bounds
Last modified: 2015-04-06 10:15:48 UTC
public, via oss-sec
From: Willy Tarreau <w@1wt.eu>
Subject: [oss-security] CVE Request: haproxy read out of bounds
Date: Tue, 9 Sep 2014 15:02:21 +0200

Hi,

I'd like to get a CVE ID for a new vulnerability affecting HAProxy 1.5 before 1.5.4. In short, a user can cause HAProxy to parse contents out of a buffer by sending multiple gigs of carefully crafted chunks faster than the target server can read them. No memory write is performed during this phase, but the process may crash when trying to parse chunked data out of the request buffer.

All the details and the patch are available here:
http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c

The fix was included in 1.5.4.

Thanks,
Willy
bugbot adjusting priority
CVE-2014-6269 was apparently introduced on July 10 2014 by http://git.haproxy.org/?p=haproxy.git;a=commit;h=bb2e669f9e73531ac9cc9277b40066b701eec918 so SUSE:SLE-12:GA haproxy is affected, but SLE11 is not.
update opensuse proxy host.
solved
An update workflow for this issue was started. This issue was rated as low. Please submit fixed packages until 2015-03-16. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/60675
SUSE-SU-2015:0660-1: An update that solves one vulnerability and has one errata is now available.
Category: security (low)
Bug References: 876438, 895849
CVE References: CVE-2014-6269
Sources used:
SUSE Cloud 5 (src): haproxy-1.5.4-0.7.1
SUSE Cloud 4 (src): haproxy-1.5.4-0.9.1