2023-03-22 20:36:15 |
Lucas Kanashiro |
bug |
|
|
added bug |
2023-03-22 20:36:25 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Kinetic |
|
2023-03-22 20:36:25 |
Lucas Kanashiro |
bug task added |
|
haproxy (Ubuntu Kinetic) |
|
2023-03-22 20:36:25 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Focal |
|
2023-03-22 20:36:25 |
Lucas Kanashiro |
bug task added |
|
haproxy (Ubuntu Focal) |
|
2023-03-22 20:36:25 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Jammy |
|
2023-03-22 20:36:25 |
Lucas Kanashiro |
bug task added |
|
haproxy (Ubuntu Jammy) |
|
2023-03-22 20:36:32 |
Lucas Kanashiro |
haproxy (Ubuntu): status |
New |
Invalid |
|
2023-03-22 20:36:36 |
Lucas Kanashiro |
haproxy (Ubuntu Focal): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
2023-03-22 20:36:37 |
Lucas Kanashiro |
haproxy (Ubuntu Jammy): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
2023-03-22 20:36:39 |
Lucas Kanashiro |
haproxy (Ubuntu Kinetic): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
2023-03-22 20:36:47 |
Lucas Kanashiro |
bug |
|
|
added subscriber Ubuntu Server |
2023-03-22 20:36:52 |
Lucas Kanashiro |
tags |
|
server-todo |
|
2023-03-22 21:52:31 |
Lucas Kanashiro |
description |
This bug tracks an update for the HAProxy package in the following Ubuntu
releases to the versions below:
* Kinetic (22.10): HAProxy 2.4.22
* Jammy (22.04): HAProxy 2.4.22
* Focal (20.04): HAProxy 2.0.31
These updates include bugfixes only following the SRU policy exception defined
at https://wiki.ubuntu.com/StableReleaseUpdates/HAProxyUpdates.
[Upstream changes]
Changelog of version 2.4.22:
http://git.haproxy.org/?p=haproxy-2.4.git;a=blob;f=CHANGELOG;h=d59309ffed498206bd15775e59bca154ee9d4b0d;hb=HEAD
Important bug fixes in 2.4.22 according to the upstream changelog:
- BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
- BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
I fixes CVE-2023-25725.
Changelog of version 2.0.31:
http://git.haproxy.org/?p=haproxy-2.0.git;a=blob;f=CHANGELOG;h=4b5713fb700f1d2a308ea8fdd18ef098efe0310a;hb=HEAD
Important bug fixes in 2.0.31 according to the upstream changelog:
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
It fixes CVE-2023-25725.
[Test Plan]
Upstream CI tests results for 2.4.22:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.4.22
Upstream CI tests results for 2.0.31:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.0.31
Upstream is not pushing the stable branches to Github, so I am running the tests in my fork (the results above). I sent an email to their mailing list to see if they can push those changes to Github but no one replied to me so far.
TODO: auutopkgtest
[Regression Potential]
HAProxy itself does not have many reverse dependencies, however, any upgrade is
a risk to introduce some breakage to other packages. Whenever a test failure is
detected, we will be on top of it and make sure it doesn't affect existing
users. |
This bug tracks an update for the HAProxy package in the following Ubuntu
releases to the versions below:
* Kinetic (22.10): HAProxy 2.4.22
* Jammy (22.04): HAProxy 2.4.22
* Focal (20.04): HAProxy 2.0.31
These updates include bugfixes only following the SRU policy exception defined
at https://wiki.ubuntu.com/StableReleaseUpdates/HAProxyUpdates.
[Upstream changes]
Changelog of version 2.4.22:
http://git.haproxy.org/?p=haproxy-2.4.git;a=blob;f=CHANGELOG;h=d59309ffed498206bd15775e59bca154ee9d4b0d;hb=HEAD
Important bug fixes in 2.4.22 according to the upstream changelog:
- BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
- BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
I fixes CVE-2023-25725.
Changelog of version 2.0.31:
http://git.haproxy.org/?p=haproxy-2.0.git;a=blob;f=CHANGELOG;h=4b5713fb700f1d2a308ea8fdd18ef098efe0310a;hb=HEAD
Important bug fixes in 2.0.31 according to the upstream changelog:
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
It fixes CVE-2023-25725.
[Test Plan]
Upstream CI tests results for 2.4.22:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.4.22
Upstream CI tests results for 2.0.31:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.0.31
Upstream is not pushing the stable branches to Github, so I am running the tests in my fork (the results above). I sent an email to their mailing list to see if they can push those changes to Github but no one replied to me so far.
autopkgtest summary in Kinetic:
autopkgtest [18:52:16]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
proxy-ssl-termination PASS
proxy-ssl-pass-through PASS
autopkgtest summary in Jammy:
autopkgtest [18:37:20]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
autopkgtest summary in Focal:
autopkgtest [18:17:03]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
[Regression Potential]
HAProxy itself does not have many reverse dependencies, however, any upgrade is
a risk to introduce some breakage to other packages. Whenever a test failure is
detected, we will be on top of it and make sure it doesn't affect existing
users. |
|
2023-03-22 21:55:13 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/haproxy/+git/haproxy/+merge/429079 |
|
2023-03-22 22:09:42 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/haproxy/+git/haproxy/+merge/439425 |
|
2023-03-22 22:11:27 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/haproxy/+git/haproxy/+merge/439426 |
|
2023-03-22 22:15:49 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/haproxy/+git/haproxy/+merge/439428 |
|
2023-03-22 22:16:50 |
Lucas Kanashiro |
merge proposal unlinked |
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/haproxy/+git/haproxy/+merge/429079 |
|
|
2023-03-22 22:17:11 |
Lucas Kanashiro |
haproxy (Ubuntu Focal): status |
New |
In Progress |
|
2023-03-22 22:17:14 |
Lucas Kanashiro |
haproxy (Ubuntu Jammy): status |
New |
In Progress |
|
2023-03-22 22:17:16 |
Lucas Kanashiro |
haproxy (Ubuntu Kinetic): status |
New |
In Progress |
|
2023-04-04 17:58:50 |
Andreas Hasenack |
description |
This bug tracks an update for the HAProxy package in the following Ubuntu
releases to the versions below:
* Kinetic (22.10): HAProxy 2.4.22
* Jammy (22.04): HAProxy 2.4.22
* Focal (20.04): HAProxy 2.0.31
These updates include bugfixes only following the SRU policy exception defined
at https://wiki.ubuntu.com/StableReleaseUpdates/HAProxyUpdates.
[Upstream changes]
Changelog of version 2.4.22:
http://git.haproxy.org/?p=haproxy-2.4.git;a=blob;f=CHANGELOG;h=d59309ffed498206bd15775e59bca154ee9d4b0d;hb=HEAD
Important bug fixes in 2.4.22 according to the upstream changelog:
- BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
- BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
I fixes CVE-2023-25725.
Changelog of version 2.0.31:
http://git.haproxy.org/?p=haproxy-2.0.git;a=blob;f=CHANGELOG;h=4b5713fb700f1d2a308ea8fdd18ef098efe0310a;hb=HEAD
Important bug fixes in 2.0.31 according to the upstream changelog:
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
It fixes CVE-2023-25725.
[Test Plan]
Upstream CI tests results for 2.4.22:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.4.22
Upstream CI tests results for 2.0.31:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.0.31
Upstream is not pushing the stable branches to Github, so I am running the tests in my fork (the results above). I sent an email to their mailing list to see if they can push those changes to Github but no one replied to me so far.
autopkgtest summary in Kinetic:
autopkgtest [18:52:16]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
proxy-ssl-termination PASS
proxy-ssl-pass-through PASS
autopkgtest summary in Jammy:
autopkgtest [18:37:20]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
autopkgtest summary in Focal:
autopkgtest [18:17:03]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
[Regression Potential]
HAProxy itself does not have many reverse dependencies, however, any upgrade is
a risk to introduce some breakage to other packages. Whenever a test failure is
detected, we will be on top of it and make sure it doesn't affect existing
users. |
This bug tracks an update for the HAProxy package in the following Ubuntu
releases to the versions below:
* Kinetic (22.10): HAProxy 2.4.22
* Jammy (22.04): HAProxy 2.4.22
* Focal (20.04): HAProxy 2.0.31
These updates include bugfixes only following the SRU policy exception defined
at https://wiki.ubuntu.com/HAProxyUpdates.
[Upstream changes]
Changelog of version 2.4.22:
http://git.haproxy.org/?p=haproxy-2.4.git;a=blob;f=CHANGELOG;h=d59309ffed498206bd15775e59bca154ee9d4b0d;hb=HEAD
Important bug fixes in 2.4.22 according to the upstream changelog:
- BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
- BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
I fixes CVE-2023-25725.
Changelog of version 2.0.31:
http://git.haproxy.org/?p=haproxy-2.0.git;a=blob;f=CHANGELOG;h=4b5713fb700f1d2a308ea8fdd18ef098efe0310a;hb=HEAD
Important bug fixes in 2.0.31 according to the upstream changelog:
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
- BUG/CRITICAL: http: properly reject empty http header field names
It fixes CVE-2023-25725.
[Test Plan]
Upstream CI tests results for 2.4.22:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.4.22
Upstream CI tests results for 2.0.31:
https://github.com/lucaskanashiro/haproxy/actions?query=branch%3Abranch-v2.0.31
Upstream is not pushing the stable branches to Github, so I am running the tests in my fork (the results above). I sent an email to their mailing list to see if they can push those changes to Github but no one replied to me so far.
autopkgtest summary in Kinetic:
autopkgtest [18:52:16]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
proxy-ssl-termination PASS
proxy-ssl-pass-through PASS
autopkgtest summary in Jammy:
autopkgtest [18:37:20]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
autopkgtest summary in Focal:
autopkgtest [18:17:03]: @@@@@@@@@@@@@@@@@@@@ summary
cli PASS
proxy-localhost PASS
[Regression Potential]
HAProxy itself does not have many reverse dependencies, however, any upgrade is
a risk to introduce some breakage to other packages. Whenever a test failure is
detected, we will be on top of it and make sure it doesn't affect existing
users. |
|
2023-04-05 21:13:12 |
Lucas Kanashiro |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2023-04-14 18:41:44 |
Steve Langasek |
haproxy (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
2023-04-14 18:41:48 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2023-04-14 18:41:51 |
Steve Langasek |
tags |
server-todo |
server-todo verification-needed verification-needed-focal |
|
2023-04-14 20:03:30 |
Steve Langasek |
haproxy (Ubuntu Kinetic): status |
In Progress |
Fix Committed |
|
2023-04-14 20:03:35 |
Steve Langasek |
tags |
server-todo verification-needed verification-needed-focal |
server-todo verification-needed verification-needed-focal verification-needed-kinetic |
|
2023-04-14 20:04:41 |
Steve Langasek |
haproxy (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
2023-04-14 20:04:48 |
Steve Langasek |
tags |
server-todo verification-needed verification-needed-focal verification-needed-kinetic |
server-todo verification-needed verification-needed-focal verification-needed-jammy verification-needed-kinetic |
|
2023-04-17 12:50:12 |
Lucas Kanashiro |
tags |
server-todo verification-needed verification-needed-focal verification-needed-jammy verification-needed-kinetic |
server-todo verification-done verification-done-focal verification-done-jammy verification-done-kinetic |
|
2023-04-26 04:42:42 |
Launchpad Janitor |
haproxy (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2023-04-26 04:42:42 |
Launchpad Janitor |
cve linked |
|
2023-0056 |
|
2023-04-26 04:42:42 |
Launchpad Janitor |
cve linked |
|
2023-25725 |
|
2023-04-26 04:42:47 |
Chris Halse Rogers |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2023-04-26 04:42:58 |
Launchpad Janitor |
haproxy (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
2023-04-26 04:42:58 |
Launchpad Janitor |
cve linked |
|
2023-0836 |
|
2023-04-26 04:43:11 |
Launchpad Janitor |
haproxy (Ubuntu Kinetic): status |
Fix Committed |
Fix Released |
|