From 3696cb6079dbcdbb52512458a185afcb5259c294a6da32e32734e70839b6e2e9 Mon Sep 17 00:00:00 2001
From: Kristoffer Gronlund <kgronlund@suse.com>
Date: Wed, 26 Sep 2018 14:03:33 +0000
Subject: [PATCH] Accepting request 638408 from
 home:KGronlund:branches:server:http

* BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846) (CVE-2018-11469)

OBS-URL: https://build.opensuse.org/request/show/638408
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=177
---
 haproxy.changes | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/haproxy.changes b/haproxy.changes
index 26b8c47..9ecc8fe 100644
--- a/haproxy.changes
+++ b/haproxy.changes
@@ -158,7 +158,7 @@ Mon Jun 25 05:16:57 UTC 2018 - kgronlund@suse.com
 Tue May 29 07:09:26 UTC 2018 - kgronlund@suse.com
 
 - Update to version 1.8.9~git9.6d82e611:
-  * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846)
+  * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846) (CVE-2018-11469)
   * BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
   * BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
   * BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags