Detections
Analytics

openSUSE Security Update : haproxy (openSUSE-2019-824)

medium Nessus Plugin ID 123348

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for haproxy to version 1.8.14 fixes the following issues :

These security issues were fixed :

 - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpack_valid_idx() that resulted in a remote crash and denial of service (bsc#1108683)

 - CVE-2018-11469: Incorrect caching of responses to requests including an Authorization header allowed attackers to achieve information disclosure via an unauthenticated remote request (bsc#1094846).

These non-security issues were fixed :

 - Require apparmor-abstractions to reduce dependencies (bsc#1100787)

 - hpack: fix improper sign check on the header index value

 - cli: make sure the 'getsock' command is only called on connections

 - tools: fix set_net_port() / set_host_port() on IPv4

 - patterns: fix possible double free when reloading a pattern list

 - server: Crash when setting FQDN via CLI.

 - kqueue: Don't reset the changes number by accident.

 - snapshot: take the proxy's lock while dumping errors

- http/threads: atomically increment the error snapshot ID

 - dns: check and link servers' resolvers right after config parsing

 - h2: fix risk of memory leak on malformated wrapped frames

 - session: fix reporting of handshake processing time in the logs

 - stream: use atomic increments for the request counter

 - thread: implement HA_ATOMIC_XADD()

 - ECC cert should work with TLS < v1.2 and openssl >= 1.1.1

 - dns/server: fix incomatibility between SRV resolution and server state file

 - hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.

 - thread: lua: Wrong SSL context initialization.

 - hlua: Make sure we drain the output buffer when done.

 - lua: reset lua transaction between http requests

 - mux_pt: dereference the connection with care in mux_pt_wake()

 - lua: Bad HTTP client request duration.

 - unix: provide a ->drain() function

 - Fix spelling error in configuration doc

 - cli/threads: protect some server commands against concurrent operations

 - cli/threads: protect all 'proxy' commands against concurrent updates

 - lua: socket timeouts are not applied

 - ssl: Use consistent naming for TLS protocols

 - dns: explain set server ... fqdn requires resolver

 - map: fix map_regm with backref

 - ssl: loading dh param from certifile causes unpredictable error.

 - ssl: fix missing error loading a keytype cert from a bundle.

 - ssl: empty connections reported as errors.

 - cli: make 'show fd' thread-safe

 - hathreads: implement a more flexible rendez-vous point

 - threads: fix the no-thread case after the change to the sync point

 - threads: add more consistency between certain variables in no-thread case

 - threads: fix the double CAS implementation for ARMv7

 - threads: Introduce double-width CAS on x86_64 and arm.

 - lua: possible CLOSE-WAIT state with '\n' headers

For additional changes please refer to the changelog.

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected haproxy packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1094846

https://bugzilla.opensuse.org/show_bug.cgi?id=1100787

https://bugzilla.opensuse.org/show_bug.cgi?id=1108683

Plugin Details

Severity: Medium

ID: 123348

File Name: openSUSE-2019-824.nasl

Version: 1.4

Type: local

Agent: unix

Published: 3/27/2019

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2018-11469

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:haproxy-debugsource, p-cpe:/a:novell:opensuse:haproxy, p-cpe:/a:novell:opensuse:haproxy-debuginfo, cpe:/o:novell:opensuse:15.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/23/2019

Vulnerability Publication Date: 5/25/2018

Reference Information

CVE: CVE-2018-11469, CVE-2018-14645