HAProxy官网安全更新(2021-09-07)

来源:HAProxy官网 发布日期:2021-09-07 阅读次数:24

基本信息

发布日期:2021-09-07(官方当地时间)

更新类型: 安全更新

更新版本: 2.4

感知时间:2021-09-08 00:08:10

风险等级: 未知

情报贡献: TSRC

更新标题

普通更新

更新详情

2021/09/07 : 2.4.4
- BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
- REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
- REGTESTS: abortonclose: after retries, 503 is expected, not close
- MINOR: hlua: take the global Lua lock inside a global function
- BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
- BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
- BUG/MINOR: base64: base64urldec() ignores padding in output size check
- MINOR: compiler: implement an ONLY_ONCE() macro
- BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
- BUG/MINOR: time: fix idle time computation for long sleeps
- MINOR: time: add report_idle() to report process-wide idle time
- BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
- BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
- BUG/MINOR: tools: Fix loop condition in dump_text()
- CLEANUP: Add missing include guard to signal.h
- BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
- DOC: configuration: remove wrong tcp-request examples in tcp-response
- BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
- CLEANUP: htx: remove comments about "must be < 256 MB"
- BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
- Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"

软件描述

HAProxy是一个使用C语言编写的自由及开放源代码软件[1],其提供高可用性、负载均衡,以及基于TCP和HTTP的应用程序代理。

CVE编号

暂无

USRC分析

暂无

业界资讯

暂无