mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-01 13:49:03 +03:00
e55ff17f17
Fixes the following security vulnerabilities: - CVE-2019-19330: The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks (1.9.13) - CVE-2019-14241: HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c (1.9.9) - CVE-2019-11323: HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error (1.9.7) In addition, a large number of non-security related bugs have been fixed. See the changelog for details: https://www.haproxy.org/download/1.9/src/CHANGELOG Signed-off-by: Peter Korsgaard <peter@korsgaard.com>