Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
heads up: 21.7.3 fixes CVE-2021-40346 (haproxy)
« previous
next »
Print
Pages: [
1
]
Author
Topic: heads up: 21.7.3 fixes CVE-2021-40346 (haproxy) (Read 1323 times)
mfedv
Newbie
Posts: 43
Karma: 6
heads up: 21.7.3 fixes CVE-2021-40346 (haproxy)
«
on:
September 23, 2021, 04:58:28 pm »
Hi,
the 21.7.3 announcement at
https://forum.opnsense.org/index.php?topic=24864.0
fails to mention haproxy, but 21.7.3 updates haproxy to 2.2.17, which
contains a fix for the recently discovered HTTP Smuggling vulnerability
(CVE-2021-40346):
https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/
One more reason to install the upgrade (btw, thanks for all the good
work!)
Matthias
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
heads up: 21.7.3 fixes CVE-2021-40346 (haproxy)