[Debian] CVE: CVE-2023-25725: haproxy : may allow a bypass of access control
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
StarlingX | Fix Released | High | Zhixiong Chi | 
Bug Description
CVE-2023-25725: https:/
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.
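To make the mechanism in the description concrete, here is an added example (not HAProxy code and not part of this bug report): a small HTTP/1 field-line parser with a strict mode that rejects empty or non-token field names, and a lenient mode that models the pre-fix behaviour described above under the assumption that an empty field name terminates the header list. The sample request, the `acl_sees_header` helper and the `X-Client-Cert-Verified` header name are constructed for the demonstration.

```python
import re
from typing import List, Optional, Tuple

# RFC 9110 "token" characters; a field name must be one or more of these.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


class HeaderSyntaxError(ValueError):
    """Raised in strict mode when a field line is malformed."""


def parse_http1_headers(raw: bytes, strict: bool = True) -> List[Tuple[str, str]]:
    """Parse the header block of an HTTP/1.x message into (name, value) pairs.

    strict=True  : reject any field line whose name is empty or not a token.
    strict=False : assumed model of the pre-fix behaviour from the advisory,
                   where an empty field name silently ends the header list.
    """
    head = raw.split(b"\r\n\r\n", 1)[0]
    headers: List[Tuple[str, str]] = []
    for line in head.split(b"\r\n")[1:]:  # skip the request/status line
        if not line:
            break  # blank line: end of header block
        name, colon, value = line.partition(b":")
        if not colon:
            raise HeaderSyntaxError(f"field line without ':': {line!r}")
        name_s = name.decode("latin-1")
        if not name_s:
            if strict:
                raise HeaderSyntaxError("empty field name")
            break  # assumed pre-fix behaviour: remaining headers are lost
        if strict and not _TOKEN.match(name_s):
            raise HeaderSyntaxError(f"invalid field name: {name_s!r}")
        headers.append((name_s.lower(), value.strip().decode("latin-1")))
    return headers


def acl_sees_header(raw: bytes, wanted: str, strict: bool = True) -> Optional[bool]:
    """Would an ACL keyed on header `wanted` see it? None if the message is rejected."""
    try:
        parsed = parse_http1_headers(raw, strict=strict)
    except HeaderSyntaxError:
        return None
    return any(name == wanted.lower() for name, _ in parsed)


# Constructed sample: the third field line has an empty name.
SAMPLE = (b"GET /admin HTTP/1.1\r\n"
          b"Host: example.test\r\n"
          b": filler\r\n"
          b"X-Client-Cert-Verified: SUCCESS\r\n"
          b"\r\n")
```

In lenient mode the ACL never sees `X-Client-Cert-Verified`, so a rule that denies on its absence or presence decides on incomplete data; in strict mode the message is rejected before any ACL runs, which is the fixed behaviour.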
Score:

cve_id | status | cvss3Score | av | ac | pr | ui | ai
---|---|---|---|---|---|---|---
CVE-2023-25725 | fixed | 9.1 | N | L | N | N | H
References:
haproxy_
CVE References
information type: Public → Public Security

Changed in starlingx:
- importance: Undecided → High
- status: New → Confirmed
- status: Confirmed → Triaged
- tags: added: stx.9.0 stx.security

Changed in starlingx:
- assignee: nobody → Zhixiong Chi (zhixiongchi)

Changed in starlingx:
- status: Triaged → In Progress
Reviewed: https://review.opendev.org/c/starlingx/integ/+/876989
Committed: https://opendev.org/starlingx/integ/commit/46e734ac4edc3a76868bdaa9b13d7c3001dafdac
Submitter: "Zuul (22348)"
Branch: master
commit 46e734ac4edc3a76868bdaa9b13d7c3001dafdac
Author: Zhixiong Chi <email address hidden>
Date: Thu Mar 9 10:02:42 2023 -0500
Debian: haproxy: CVE-2023-0056, CVE-2023-25725
Upgrade haproxy from "2.2.9-2+deb11u3" to "2.2.9-2+deb11u4" to
fix below CVEs:
CVE-2023-0056
CVE-2023-25725
Refer to:
https://www.debian.org/security/2023/dsa-5348
https://security-tracker.debian.org/tracker/DSA-5348-1
Test Plan:
PASS: $downloader
PASS: $build-pkgs --clean --parallel 10
PASS: $build-image
PASS: Jenkins Installation
PASS: Validation that the package version has been upgraded.
Closes-Bug: 2009334
Signed-off-by: Zhixiong Chi <email address hidden>
Change-Id: Ibe076cb75deaa212fb954aa880324220165a5523