OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.1 Legacy Series »
  • haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100
« previous next »
  • Print
Pages: [1]

Author Topic: haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100  (Read 1664 times)

jfqd

  • Newbie
  • *
  • Posts: 5
  • Karma: 2
    • View Profile
haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100
« on: April 06, 2020, 12:11:42 pm »
Is there a timeframe for an update of haproxy to fix CVE-2020-11100 [1]?

[1] https://www.haproxy.com/blog/haproxy-1-8-http-2-hpack-decoder-vulnerability-fixed/
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17570
  • Karma: 1596
    • View Profile
Re: haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100
« Reply #1 on: April 06, 2020, 12:26:24 pm »
Yes, 20.1.4 with HAProxy 2.0.14 this week.

Too late, too soon?


Cheers,
Franco
Logged

jfqd

  • Newbie
  • *
  • Posts: 5
  • Karma: 2
    • View Profile
Re: haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100
« Reply #2 on: April 06, 2020, 12:35:31 pm »
Thx Franco, perfect! :)
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17570
  • Karma: 1596
    • View Profile
Re: haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100
« Reply #3 on: April 06, 2020, 01:44:50 pm »
Whew, ok 8)

Currently we plan for a Wednesday release.


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.1 Legacy Series »
  • haproxy HTTP/2 HPACK Decoder Vulnerability CVE-2020-11100
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2