From 52b33deb58769efe5589c6e4a0d45c8501d4d3658430ee0ae5305e740fb04361 Mon Sep 17 00:00:00 2001 From: Kristoffer Gronlund Date: Tue, 30 Jul 2019 14:49:53 +0000 Subject: [PATCH] Accepting request 719829 from home:KGronlund:branches:server:http - Update to version 2.0.3+git14.0ff395c1 (bsc#1142529) (CVE-2019-14241): * BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() * BUG/MINOR: htx: Fix free space addresses calculation during a block expansion * BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready * MINOR: hlua: Add a flag on the lua txn to know in which context it can be used * MINOR: hlua: Don't set request analyzers on response channel for lua actions * BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class * BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called * DOC: improve the wording in CONTRIBUTING about how to document a bug fix * BUG/MINOR: log: make sure writev() is not interrupted on a file output * BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send. * BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased * BUILD: threads: add the definition of PROTO_LOCK * BUG/MINOR: proxy: always lock stop_proxy() * BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff * [RELEASE] Released version 2.0.3 * BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter * BUG/MINOR: http_htx: Support empty errorfiles * BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error * BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream * BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach() * BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction * BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop * BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket * BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection * BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA * DOC: htx: Update comments in HTX files * BUG/MINOR: hlua: Make the function txn:done() HTX aware * BUG/MINOR: cache/htx: Make maxage calculation HTX aware * BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies OBS-URL: https://build.opensuse.org/request/show/719829 OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=188 --- _servicedata | 4 +-- haproxy-2.0.1+git27.5db881ff.tar.gz | 3 -- haproxy-2.0.3+git14.0ff395c1.tar.gz | 3 ++ haproxy.changes | 55 +++++++++++++++++++++++++++++ haproxy.spec | 2 +- 5 files changed, 61 insertions(+), 6 deletions(-) delete mode 100644 haproxy-2.0.1+git27.5db881ff.tar.gz create mode 100644 haproxy-2.0.3+git14.0ff395c1.tar.gz diff --git a/_servicedata b/_servicedata index 1920ab6..4005d29 100644 --- a/_servicedata +++ b/_servicedata @@ -1,6 +1,6 @@ http://git.haproxy.org/git/haproxy-2.0.git - 5db881ff0506bd5bb6caf9d80a06e79afa7473ca + 0ff395c154ad827c0c30eefc9371ba7f7c171027 - + \ No newline at end of file diff --git a/haproxy-2.0.1+git27.5db881ff.tar.gz b/haproxy-2.0.1+git27.5db881ff.tar.gz deleted file mode 100644 index fbc3034..0000000 --- a/haproxy-2.0.1+git27.5db881ff.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:728a964b51d9438b5a4d0098fccbcc697f55869f10a273e4f47d8d00d99934f8 -size 2618306 diff --git a/haproxy-2.0.3+git14.0ff395c1.tar.gz b/haproxy-2.0.3+git14.0ff395c1.tar.gz new file mode 100644 index 0000000..d4e0b8b --- /dev/null +++ b/haproxy-2.0.3+git14.0ff395c1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:42675c73515f4a850181f39a7d0afee1cb05476f4c3ce7e650f86d21233a53f8 +size 2626395 diff --git a/haproxy.changes b/haproxy.changes index 89374e1..4e8cb8a 100644 --- a/haproxy.changes +++ b/haproxy.changes @@ -1,3 +1,58 @@ +------------------------------------------------------------------- +Tue Jul 30 13:16:56 UTC 2019 - kgronlund@suse.com + +- Update to version 2.0.3+git14.0ff395c1 (bsc#1142529) (CVE-2019-14241): + * BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() + * BUG/MINOR: htx: Fix free space addresses calculation during a block expansion + * BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready + * MINOR: hlua: Add a flag on the lua txn to know in which context it can be used + * MINOR: hlua: Don't set request analyzers on response channel for lua actions + * BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class + * BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called + * DOC: improve the wording in CONTRIBUTING about how to document a bug fix + * BUG/MINOR: log: make sure writev() is not interrupted on a file output + * BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send. + * BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased + * BUILD: threads: add the definition of PROTO_LOCK + * BUG/MINOR: proxy: always lock stop_proxy() + * BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff + * [RELEASE] Released version 2.0.3 + * BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter + * BUG/MINOR: http_htx: Support empty errorfiles + * BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error + * BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream + * BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach() + * BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction + * BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop + * BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket + * BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection + * BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA + * DOC: htx: Update comments in HTX files + * BUG/MINOR: hlua: Make the function txn:done() HTX aware + * BUG/MINOR: cache/htx: Make maxage calculation HTX aware + * BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies + * BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules + * BUG/MINOR: backend: do not try to install a mux when the connection failed + * BUG/MEDIUM: http/htx: unbreak option http_proxy + * BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed. + * BUG/MINOR: dns: remove irrelevant dependency on a client connection + * [RELEASE] Released version 2.0.2 + * BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored + * BUG/MEDIUM: tcp-check: unbreak multiple connect rules again + * BUG/MINOR: mux-pt: do not pretend there's more data after a read0 + * BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set. + * BUG/MEDIUM: streams: Don't give up if we couldn't send the request. + * BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used + * BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send + * BUG/MAJOR: listener: fix thread safety in resume_listener() + * MINOR: task: introduce work lists + * BUG/MEDIUM: servers: Fix a race condition with idle connections. + * DOC: Fix typos and grammer in configuration.txt + * BUG/MEDIUM: da: cast the chunk to string. + * BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection. + * BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections + * BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept + ------------------------------------------------------------------- Tue Jul 09 11:48:41 UTC 2019 - kgronlund@suse.com diff --git a/haproxy.spec b/haproxy.spec index 238e06d..9a458b1 100644 --- a/haproxy.spec +++ b/haproxy.spec @@ -47,7 +47,7 @@ %endif Name: haproxy -Version: 2.0.1+git27.5db881ff +Version: 2.0.3+git14.0ff395c1 Release: 0 # #