Update to 1.8.15

2018-12-13 10:37:59 -06:00 · 2018-12-13 10:37:59 -06:00 · 9a3483aa95
commit 9a3483aa95
parent 73dccb20ca
3 changed files with 9 additions and 6 deletions
--- a/.gitignore
+++ b/.gitignore
@ -53,3 +53,4 @@ haproxy-1.4.8.tar.gz
 /haproxy-1.8.12.tar.gz
 /haproxy-1.8.13.tar.gz
 /haproxy-1.8.14.tar.gz
+/haproxy-1.8.15.tar.gz
--- a/haproxy.spec
+++ b/haproxy.spec
@ -7,8 +7,8 @@
 %global _hardened_build 1

 Name:           haproxy
-Version:        1.8.14
-Release:        2%{?dist}
+Version:        1.8.15
+Release:        1%{?dist}
 Summary:        HAProxy reverse proxy for high availability environments

 Group:          System Environment/Daemons
@ -22,8 +22,6 @@ Source3:        %{name}.logrotate
 Source4:        %{name}.sysconfig
 Source5:        halog.1

-Patch0: 0001-BUG-MEDIUM-auth-threads-use-of-crypt-not-thread-safe.patch
-
 BuildRequires:  gcc
 BuildRequires:  lua-devel
 BuildRequires:  pcre-devel
@ -53,7 +51,6 @@ availability environments. Indeed, it can:

 %prep
 %setup -q
-%patch0 -p1

 %build
 regparm_opts=
@ -138,6 +135,11 @@ exit 0
 %{_mandir}/man1/*

 %changelog
+* Thu Dec 13 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-1
+- Update to 1.8.15
+- Fix denial of service attack via infinite recursion (CVE-2018-20103, #1658881)
+- Fix out-of-bound reads in dns_validate_dns_response (CVE-2018-20102, #1658882)
+
 * Sat Dec 01 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-2
 - Use of crpyt() is not thread safe (#1643941)

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (haproxy-1.8.14.tar.gz) = 17727c19e0439a2b45be2ec583cd2ce30d1af2bf48bd3cdb2dce1eff670ab8b24d93eaa7bebb410947528d1ad88c3856495e498fff518620efbd32b9adf4eb66
+SHA512 (haproxy-1.8.15.tar.gz) = 425e1f3a9ab2c2d09934c5d783ad986bd61a638ba6466dd15c20c5b6e7fc3dfad7c398e10bbd336a856ccad29bab0f23e4b9c3d0f17a54b86c8b917e4b974bcb