From 9a3483aa9551d2cc53ebac5abebb520a7196bf02 Mon Sep 17 00:00:00 2001 From: Ryan O'Hara Date: Thu, 13 Dec 2018 10:37:59 -0600 Subject: [PATCH] Update to 1.8.15 --- .gitignore | 1 + haproxy.spec | 12 +++++++----- sources | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 19af6f0..4c78e22 100644 --- a/.gitignore +++ b/.gitignore @@ -53,3 +53,4 @@ haproxy-1.4.8.tar.gz /haproxy-1.8.12.tar.gz /haproxy-1.8.13.tar.gz /haproxy-1.8.14.tar.gz +/haproxy-1.8.15.tar.gz diff --git a/haproxy.spec b/haproxy.spec index cb7e154..3a82ca4 100644 --- a/haproxy.spec +++ b/haproxy.spec @@ -7,8 +7,8 @@ %global _hardened_build 1 Name: haproxy -Version: 1.8.14 -Release: 2%{?dist} +Version: 1.8.15 +Release: 1%{?dist} Summary: HAProxy reverse proxy for high availability environments Group: System Environment/Daemons @@ -22,8 +22,6 @@ Source3: %{name}.logrotate Source4: %{name}.sysconfig Source5: halog.1 -Patch0: 0001-BUG-MEDIUM-auth-threads-use-of-crypt-not-thread-safe.patch - BuildRequires: gcc BuildRequires: lua-devel BuildRequires: pcre-devel @@ -53,7 +51,6 @@ availability environments. Indeed, it can: %prep %setup -q -%patch0 -p1 %build regparm_opts= @@ -138,6 +135,11 @@ exit 0 %{_mandir}/man1/* %changelog +* Thu Dec 13 2018 Ryan O'Hara - 1.8.15-1 +- Update to 1.8.15 +- Fix denial of service attack via infinite recursion (CVE-2018-20103, #1658881) +- Fix out-of-bound reads in dns_validate_dns_response (CVE-2018-20102, #1658882) + * Sat Dec 01 2018 Ryan O'Hara - 1.8.14-2 - Use of crpyt() is not thread safe (#1643941) diff --git a/sources b/sources index cb417f9..7dea0d1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (haproxy-1.8.14.tar.gz) = 17727c19e0439a2b45be2ec583cd2ce30d1af2bf48bd3cdb2dce1eff670ab8b24d93eaa7bebb410947528d1ad88c3856495e498fff518620efbd32b9adf4eb66 +SHA512 (haproxy-1.8.15.tar.gz) = 425e1f3a9ab2c2d09934c5d783ad986bd61a638ba6466dd15c20c5b6e7fc3dfad7c398e10bbd336a856ccad29bab0f23e4b9c3d0f17a54b86c8b917e4b974bcb