projects / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 9a72692 4585398)
haproxy (2.6.12-1+deb12u3) bookworm-security; urgency=high
authorVincent Bernat <bernat@debian.org>
Fri, 3 Oct 2025 06:03:00 +0000 (08:03 +0200)
committerVincent Bernat <bernat@debian.org>
Fri, 3 Oct 2025 06:03:00 +0000 (08:03 +0200)
commita186384812c980f62795c96ad4a685003de2aa82
treefacbfd8957d4a2711235e3e7e924569e772b17b5tree | snapshot
parent9a72692e10d6e4f986f6353204b47ed6b7d89441commit | diff
parent458539817ce2f64995aa57c3b10294ed2ba4ba36commit | diff
haproxy (2.6.12-1+deb12u3) bookworm-security; urgency=high

  * CVE-2025-11230: fix possible DoS when parsing JSON numbers.

[dgit import unpatched haproxy 2.6.12-1+deb12u3]
89 files changed:
debian/NEWS | | blob
debian/changelog | | blob
debian/clean | | blob
debian/control | | blob
debian/copyright | | blob
debian/dconv/LICENSE | | blob
debian/dconv/NOTICE | | blob
debian/dconv/README.md | | blob
debian/dconv/css/check.png | | blob
debian/dconv/css/cross.png | | blob
debian/dconv/css/page.css | | blob
debian/dconv/haproxy-dconv.py | | blob
debian/dconv/img/logo-med.png | | blob
debian/dconv/js/typeahead.bundle.js | | blob
debian/dconv/parser/__init__.py | | blob
debian/dconv/parser/arguments.py | | blob
debian/dconv/parser/example.py | | blob
debian/dconv/parser/keyword.py | | blob
debian/dconv/parser/seealso.py | | blob
debian/dconv/parser/table.py | | blob
debian/dconv/parser/underline.py | | blob
debian/dconv/templates/parser/arguments.tpl | | blob
debian/dconv/templates/parser/example.tpl | | blob
debian/dconv/templates/parser/example/comment.tpl | | blob
debian/dconv/templates/parser/seealso.tpl | | blob
debian/dconv/templates/parser/table.tpl | | blob
debian/dconv/templates/parser/table/header.tpl | | blob
debian/dconv/templates/parser/table/row.tpl | | blob
debian/dconv/templates/parser/underline.tpl | | blob
debian/dconv/templates/summary.html | | blob
debian/dconv/templates/template.html | | blob
debian/dconv/tools/generate-docs.sh | | blob
debian/gbp.conf | | blob
debian/halog.1 | | blob
debian/haproxy-doc.doc-base.haproxy | | blob
debian/haproxy-doc.doc-base.haproxy-lua | | blob
debian/haproxy-doc.docs | | blob
debian/haproxy-doc.install | | blob
debian/haproxy-doc.links | | blob
debian/haproxy-doc.maintscript | | blob
debian/haproxy.README.Debian | | blob
debian/haproxy.cfg | | blob
debian/haproxy.default | | blob
debian/haproxy.dirs | | blob
debian/haproxy.docs | | blob
debian/haproxy.examples | | blob
debian/haproxy.init | | blob
debian/haproxy.install | | blob
debian/haproxy.maintscript | | blob
debian/haproxy.manpages | | blob
debian/haproxy.postinst | | blob
debian/haproxy.postrm | | blob
debian/haproxy.tmpfile | | blob
debian/haproxy.vim | | blob
debian/logrotate.conf | | blob
debian/patches/0001-BUG-CRITICAL-mjson-fix-possible-DoS-when-parsing-num.patch | | blob
debian/patches/0001-BUG-MEDIUM-sample-fix-risk-of-overflow-when-replacin.patch | | blob
debian/patches/BUG-MAJOR-h3-reject-header-values-containing-invalid.patch | | blob
debian/patches/BUG-MAJOR-http-reject-any-empty-content-length-heade.patch | | blob
debian/patches/BUG-MINOR-h1-do-not-accept-as-part-of-the-URI-compon.patch | | blob
debian/patches/BUG-MINOR-h2-reject-more-chars-from-the-path-pseudo-.patch | | blob
debian/patches/BUG-MINOR-h3-reject-more-chars-from-the-path-pseudo-.patch | | blob
debian/patches/DOC-clarify-the-handling-of-URL-fragments-in-request.patch | | blob
debian/patches/MINOR-h2-pass-accept-invalid-http-request-down-the-r.patch | | blob
debian/patches/MINOR-http-add-new-function-http_path_has_forbidden_.patch | | blob
debian/patches/MINOR-ist-add-new-function-ist_find_range-to-find-a-.patch | | blob
debian/patches/REGTESTS-http-rules-add-accept-invalid-http-request-.patch | | blob
debian/patches/REGTESTS-http-rules-verify-that-we-block-by-default-.patch | | blob
debian/patches/REORG-http-move-has_forbidden_char-from-h2.c-to-http.patch | | blob
debian/patches/debianize-dconv.patch | | blob
debian/patches/haproxy.service-add-documentation.patch | | blob
debian/patches/haproxy.service-make-systemd-bind-dev-log-inside-chroot.patch | | blob
debian/patches/haproxy.service-start-after-syslog.patch | | blob
debian/patches/reproducible.patch | | blob
debian/patches/series | | blob
debian/rsyslog.conf | | blob
debian/rules | | blob
debian/salsa-ci.yml | | blob
debian/source/format | | blob
debian/source/include-binaries | | blob
debian/tests/cli | | blob
debian/tests/control | | blob
debian/tests/proxy-localhost | | blob
debian/tests/proxy-ssl-pass-through | | blob
debian/tests/proxy-ssl-termination | | blob
debian/tests/utils | | blob
debian/vim-haproxy.install | | blob
debian/vim-haproxy.yaml | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.