Compare commits

...

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

7 changed files with 226 additions and 150 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/haproxy-1.8.27.tar.gz SOURCES/haproxy-2.4.22.tar.gz

View File

@ -1 +1 @@
5a8a12d07da986d2ecba5f57a07a9e68fe597bfd SOURCES/haproxy-1.8.27.tar.gz d0654cbab48039d998fca2459ce9251c6dbf2ae8 SOURCES/haproxy-2.4.22.tar.gz

View File

@ -4,14 +4,14 @@ After=network-online.target
Wants=network-online.target Wants=network-online.target
[Service] [Service]
EnvironmentFile=-/etc/sysconfig/haproxy
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "CFGDIR=/etc/haproxy/conf.d" Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "CFGDIR=/etc/haproxy/conf.d"
EnvironmentFile=/etc/sysconfig/haproxy
ExecStartPre=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS ExecStartPre=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS
ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -f $CFGDIR -p $PIDFILE $OPTIONS ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -f $CFGDIR -p $PIDFILE $OPTIONS
ExecReload=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS ExecReload=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID ExecReload=/bin/kill -USR2 $MAINPID
SuccessExitStatus=143
KillMode=mixed KillMode=mixed
SuccessExitStatus=143
Type=notify Type=notify
[Install] [Install]

1
SOURCES/haproxy.sysusers Normal file
View File

@ -0,0 +1 @@
u haproxy - "haproxy" /var/lib/haproxy

View File

@ -1,45 +0,0 @@
From 58b3d8676bbef52bc76dd79ecfcf74582c34ec97 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.org>
Date: Thu, 17 Dec 2020 18:48:06 +0100
Subject: [PATCH] BUG/MEDIUM: mworker: fix again copy_argv()
When backporting patch df6c5a8 ("BUG/MEDIUM: mworker: fix the copy of
options in copy_argv()") part of the patch was removed by mistake.
Letting the bug #644 unfixed.
This patch fixes the problem by reintroducing the missing part.
1.8 only, no backport needed.
---
src/haproxy.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index 5ddf4d05..3947505b 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1328,6 +1328,21 @@ static char **copy_argv(int argc, char **argv)
}
break;
+ case 'C':
+ case 'n':
+ case 'm':
+ case 'N':
+ case 'L':
+ case 'f':
+ case 'p':
+ /* these options have only 1 parameter which must be copied and can start with a '-' */
+ *newargv++ = *argv++;
+ argc--;
+ if (argc == 0)
+ goto error;
+ *newargv++ = *argv++;
+ argc--;
+ break;
default:
/* for other options just copy them without parameters, this is also done
* for options like "--foo", but this will fail in the argument parser.
--
2.26.2

View File

@ -1,25 +0,0 @@
From eaf1d768085a924a5322cfc77439ba5a4945bbae Mon Sep 17 00:00:00 2001
From: Ryan O'Hara <rohara@redhat.com>
Date: Thu, 14 Oct 2021 14:08:39 -0500
Subject: [PATCH] Fix short HTTP responses to client
---
src/raw_sock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/raw_sock.c b/src/raw_sock.c
index ad0210105..fbf20ae35 100644
--- a/src/raw_sock.c
+++ b/src/raw_sock.c
@@ -302,7 +302,7 @@ static int raw_sock_to_buf(struct connection *conn, struct buffer *buf, int coun
if (ret > 0) {
buf->i += ret;
done += ret;
- if (ret < try) {
+ if (0 && ret < try) {
/* unfortunately, on level-triggered events, POLL_HUP
* is generally delivered AFTER the system buffer is
* empty, unless the poller supports POLL_RDHUP. If
--
2.31.1

View File

@ -7,35 +7,32 @@
%global _hardened_build 1 %global _hardened_build 1
Name: haproxy Name: haproxy
Version: 1.8.27 Version: 2.4.22
Release: 5%{?dist} Release: 1%{?dist}
Summary: HAProxy reverse proxy for high availability environments Summary: HAProxy reverse proxy for high availability environments
Group: System Environment/Daemons
License: GPLv2+ License: GPLv2+
URL: http://www.haproxy.org/ URL: http://www.haproxy.org/
Source0: http://www.haproxy.org/download/1.8/src/haproxy-%{version}.tar.gz Source0: %{url}/download/2.4/src/haproxy-%{version}.tar.gz
Source1: %{name}.service Source1: %{name}.service
Source2: %{name}.cfg Source2: %{name}.cfg
Source3: %{name}.logrotate Source3: %{name}.logrotate
Source4: %{name}.sysconfig Source4: %{name}.sysconfig
Source5: halog.1 Source5: %{name}.sysusers
Source6: halog.1
Patch0: rhbz1838319-mworker-fix-again-copy_argv.patch
Patch1: rhbz1941446-fix-short-http-responses.patch
BuildRequires: gcc
BuildRequires: lua-devel BuildRequires: lua-devel
BuildRequires: pcre-devel BuildRequires: pcre2-devel
BuildRequires: zlib-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: systemd-devel BuildRequires: systemd-devel
BuildRequires: systemd-units BuildRequires: systemd
BuildRequires: systemd-rpm-macros
BuildRequires: make
Requires(pre): shadow-utils Requires(pre): shadow-utils
Requires(post): systemd %{?systemd_requires}
Requires(preun): systemd
Requires(postun): systemd
%description %description
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
@ -53,8 +50,6 @@ availability environments. Indeed, it can:
%prep %prep
%setup -q %setup -q
%patch0 -p1
%patch1 -p1
%build %build
regparm_opts= regparm_opts=
@ -62,14 +57,12 @@ regparm_opts=
regparm_opts="USE_REGPARM=1" regparm_opts="USE_REGPARM=1"
%endif %endif
%{__make} %{?_smp_mflags} CPU="generic" TARGET="linux2628" USE_OPENSSL=1 USE_PCRE=1 USE_ZLIB=1 USE_LUA=1 USE_CRYPT_H=1 USE_SYSTEMD=1 USE_LINUX_TPROXY=1 USE_GETADDRINFO=1 ${regparm_opts} ADDINC="%{optflags}" ADDLIB="%{__global_ldflags}" %{__make} %{?_smp_mflags} CPU="generic" TARGET="linux-glibc" USE_OPENSSL=1 USE_PCRE2=1 USE_SLZ=1 USE_LUA=1 USE_CRYPT_H=1 USE_SYSTEMD=1 USE_LINUX_TPROXY=1 USE_GETADDRINFO=1 USE_PROMEX=1 ${regparm_opts} ADDINC="%{build_cflags}" ADDLIB="%{build_ldflags}"
pushd contrib/halog %{__make} admin/halog/halog ADDINC="%{build_cflags}" ADDLIB="%{build_ldflags}"
%{__make} ${halog} OPTIMIZE="%{optflags} %{build_ldflags}" LDFLAGS=
popd
pushd contrib/iprange pushd admin/iprange
%{__make} ${iprange} OPTIMIZE="%{optflags} %{build_ldflags}" LDFLAGS= %{__make} OPTIMIZE="%{build_cflags}" LDFLAGS="%{build_ldflags}"
popd popd
%install %install
@ -80,14 +73,15 @@ popd
%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg %{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
%{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} %{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
%{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name} %{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1 %{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_sysusersdir}/%{name}.conf
%{__install} -p -D -m 0644 %{SOURCE6} %{buildroot}%{_mandir}/man1/halog.1
%{__install} -d -m 0755 %{buildroot}%{haproxy_homedir} %{__install} -d -m 0755 %{buildroot}%{haproxy_homedir}
%{__install} -d -m 0755 %{buildroot}%{haproxy_datadir} %{__install} -d -m 0755 %{buildroot}%{haproxy_datadir}
%{__install} -d -m 0755 %{buildroot}%{haproxy_confdir}/conf.d %{__install} -d -m 0755 %{buildroot}%{haproxy_confdir}/conf.d
%{__install} -d -m 0755 %{buildroot}%{_bindir} %{__install} -d -m 0755 %{buildroot}%{_bindir}
%{__install} -p -m 0755 ./contrib/halog/halog %{buildroot}%{_bindir}/halog %{__install} -p -m 0755 ./admin/halog/halog %{buildroot}%{_bindir}/halog
%{__install} -p -m 0755 ./contrib/iprange/iprange %{buildroot}%{_bindir}/iprange %{__install} -p -m 0755 ./admin/iprange/iprange %{buildroot}%{_bindir}/iprange
%{__install} -p -m 0644 ./examples/errorfiles/* %{buildroot}%{haproxy_datadir} %{__install} -p -m 0755 ./admin/iprange/ip6range %{buildroot}%{_bindir}/ip6range
for httpfile in $(find ./examples/errorfiles/ -type f) for httpfile in $(find ./examples/errorfiles/ -type f)
do do
@ -106,12 +100,7 @@ do
done done
%pre %pre
getent group %{haproxy_group} >/dev/null || \ %sysusers_create_compat %{SOURCE5}
groupadd -r %{haproxy_group}
getent passwd %{haproxy_user} >/dev/null || \
useradd -r -g %{haproxy_user} -d %{haproxy_homedir} \
-s /sbin/nologin -c "haproxy" %{haproxy_user}
exit 0
%post %post
%systemd_post %{name}.service %systemd_post %{name}.service
@ -123,7 +112,6 @@ exit 0
%systemd_postun_with_restart %{name}.service %systemd_postun_with_restart %{name}.service
%files %files
%defattr(-,root,root,-)
%doc doc/* examples/* %doc doc/* examples/*
%doc CHANGELOG README ROADMAP VERSION %doc CHANGELOG README ROADMAP VERSION
%license LICENSE %license LICENSE
@ -139,70 +127,227 @@ exit 0
%{_sbindir}/%{name} %{_sbindir}/%{name}
%{_bindir}/halog %{_bindir}/halog
%{_bindir}/iprange %{_bindir}/iprange
%{_bindir}/ip6range
%{_mandir}/man1/* %{_mandir}/man1/*
%{_sysusersdir}/%{name}.conf
%changelog %changelog
* Fri Jun 03 2022 Ryan O'Hara <rohara@redhat.com> - 1.8.27-5 * Tue Jun 06 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.22-1
- Add configuration directory and update systemd unit file (#1943869) - Update to 2.4.22 (#2196530)
* Tue Jan 18 2022 Ryan O'Hara <rohara@redhat.com> - 1.8.27-4 * Tue May 02 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-7
- Apply patch (#1941446) - Fix uninitizalized resevered bytes (CVE-2023-0836, #2180861)
* Fri Oct 15 2021 Ryan O'Hara <rohara@redhat.com> - 1.8.27-3 * Mon Feb 27 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-6
- Fix short HTTP responses (#1941446) - Reject empty http header field names (CVE-2023-25725, #2169510)
* Thu Dec 17 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.27-2 * Mon Feb 27 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-5
- Fix copy_argv for arguments that begin with hypen (#1838319) - Refuse interim responses with end-stream flag set (CVE-2023-0056, #2161140)
* Thu Dec 10 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.27-1 * Wed Nov 30 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-4
- Update to 1.8.27 (#1905663, #1838319) - Use systemd-sysusers for user/group creation (#2095422)
* Thu Jun 18 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.23-5 * Mon Jul 25 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-3
- Use OPTIONS from systemd EnvironmentFile (#1845611) - Fix changelog and rebuild
* Wed Jun 17 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.23-4 * Wed Jun 08 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-2
- Wait for network to be online before starting (#1756714) - Add configuration directory and update systemd unit file (#2093482)
* Wed Apr 01 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.23-3 * Wed May 25 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-1
- Fix hapack zero byte input causing overwrite (CVE-2020-11100, #1819519) - Update to 2.4.17 #(2088532)
- Fix unbound loop when Set-Cookie2 header is present (#2070448)
* Fri Dec 13 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.23-2 * Wed Oct 13 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.7-1
- Consider exist status 143 as success (#1778844) - Update to 2.4.7 (#1966688)
- Fix domain parts in :scheme and :path fields (CVE-2021-39240, #1998196)
- Fix spaces in the :method field (CVE-2021-39241, #1998198)
- Fix mismatch between :authority and Host fields (CVE-2021-39242, #1998200)
- Fix request smuggling attack or response splitting (CVE-2021-40346, #2000621)
* Mon Dec 02 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.23-1 * Tue Aug 17 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.3-1
- Update to 1.8.23 (#1774745) - Update to 2.4.3 (#1966688)
* Fri Jul 19 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.15-6 * Tue Aug 10 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-8
- Add gating tests (#1682106) - Add gating tests (#1966688)
* Wed Jan 09 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.15-5 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.2-7
- Resolve CVE-2018-20615 (#1664533) - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Sun Dec 16 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-4 * Sat Aug 07 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-6
- Use empty LDFLAGS to prevent stripping, maintain hardened build - Ignore badfuncs error in rpminspect (#1966688)
* Sat Dec 15 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-3 * Wed Aug 04 2021 Lukas Javorsky <ljavorsk@redhat.com> - 2.4.2-5
- Use LDFLAGS when building contib tools to prevent binary stripping - Second rebuild against pcre2-10.37 (bug #1970765)
* Fri Dec 14 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-2 * Tue Aug 03 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-4
- Bump release - Apply patch to fix OpenSSL 3.0 build (#1984786)
* Mon Aug 02 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-3
- Fix OpenSSL 3.0 build (#1984786)
* Wed Jul 28 2021 Lukas Javorsky <ljavorsk@redhat.com> - 2.4.2-2
- Rebuild against pcre2-10.37 (bug #1970765)
* Mon Jul 12 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-1
- Update to 2.4.2 (#1966688)
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-3
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Thu Jun 03 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.0-2
- Fix hardened builds (#1966688)
* Tue Jun 01 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.0-1
- Update to 2.4.0 (#1966688)
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.4-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jan 14 2021 Ryan O'Hara <rohara@redhat.com> - 2.3.4-1
- Update to 2.3.4 (#1914447)
* Tue Dec 08 2020 Ryan O'Hara <rohara@redhat.com> - 2.3.2-1
- Update to 2.3.2 (#1894994)
* Thu Oct 01 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.4-1
- Update to 2.2.4 (#1883742)
* Thu Sep 17 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.3-2
- Fix build for late loading of libgcc_s
* Mon Sep 14 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.3-1
- Update to 2.2.3 (#1876932)
* Fri Jul 31 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.2-1
- Update to 2.2.2 (#1862400)
* Mon Jul 27 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.1-1
- Update to 2.2.1 (#1859846)
* Wed Jul 15 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.0-3
- Update systemd service file
* Fri Jul 10 2020 Tom Callaway <spot@fedoraproject.org> - 2.2.0-2
- Fix build against lua 5.4
* Thu Jul 09 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.0-1
- Update to 2.2.0 (#1854519)
* Mon Jun 15 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.7-1
- Update to 2.1.7 (#1845001)
* Mon Jun 08 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.6-1
- Update to 2.1.6 (#1845001)
* Mon Jun 01 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.5-1
- Update to 2.1.5 (#1841837)
* Thu Apr 02 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.4-1
- Update to 2.1.4 (CVE-2010-11100, #1820200)
* Mon Mar 16 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.3-2
- Fix invalid element address calculation (#1801109)
* Wed Feb 12 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.3-1
- Update to 2.1.3 (#1802233)
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jan 02 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.2-1
- Update to 2.1.2 (#1782472)
* Mon Nov 25 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.10-1
- Update to 2.0.10 (#1772961)
* Wed Nov 06 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.8-1
- Update to 2.0.8 (#1764483)
* Mon Oct 21 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.7-2
- Build with Prometheus exporter service (#1755839)
* Mon Oct 21 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.7-1
- Update to 2.0.7 (#1742544)
* Fri Sep 13 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.6-1
- Update to 2.0.6 (#1742544)
* Mon Aug 19 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.5-1
- Update to 2.0.5 (#1742544)
* Tue Jul 30 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.3-1
- Update to 2.0.3 (#1690492)
* Tue Jul 30 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.20-3
- Build with PCRE2 (#1669217)
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri May 17 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.20-1
- Update to 1.8.20
* Wed Feb 13 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.19-1
- Update to 1.8.19
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 24 2019 Petr Pisar <ppisar@redhat.com> - 1.8.17-3
- Rebuild against patched libpcreposix library (bug #1667614)
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 1.8.17-2
- Rebuilt for libcrypt.so.2 (#1666033)
* Wed Jan 09 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.17-1
- Update to 1.8.17
- Fix handling of priority flag in HEADERS frame in HTTP/2 decoder (CVE-2018-20615)
* Sat Dec 22 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.16-1
- Update to 1.8.16
* Thu Dec 13 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-1 * Thu Dec 13 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-1
- Update to 1.8.15 (#1631815) - Update to 1.8.15
- Resolve CVE-2018-20102 (#1659017) - Fix denial of service attack via infinite recursion (CVE-2018-20103, #1658881)
- Resolve CVE-2018-20103 (#1659019) - Fix out-of-bound reads in dns_validate_dns_response (CVE-2018-20102, #1658882)
* Tue Oct 02 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-1 * Sat Dec 01 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-2
- Update to 1.8.14 (#1631815) - Use of crpyt() is not thread safe (#1643941)
- Resolve CVE-2018-14645 (#1631539)
* Wed Jul 25 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-2 * Thu Sep 20 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-1
- Fix ownership of /var/lib/haproxy/ to avoid selinux DAC override errors - Update to 1.8.14 (#1610066)
* Mon Jul 02 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-1 * Mon Aug 20 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.13-1
- Update to 1.8.12 - Update to 1.8.13 (#1610066)
- Resolve CVE-2018-10184 (#1569643)
- Resolve CVE-2018-11469 (#1584787) * Thu Aug 16 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-4
- Add BuildRequires gcc (#1604308)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.12-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 10 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-2
- Fix ownership of /var/lib/haproxy/ to avoid selinux DAC override errors (#1597076)
* Thu Jun 28 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-1
- Update to 1.8.12 (#1580036)
* Wed Jun 27 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.11-1
- Update to 1.8.11 (#1580036)
* Mon Jun 25 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.10-1
- Update to 1.8.10 (#1580036)
* Mon May 21 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.9-1
- Update to 1.8.9 (#1580036)
* Thu May 10 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.8-2
- Build with USE_GETADDRINFO option
* Thu Apr 19 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.8-1 * Thu Apr 19 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.8-1
- Update to 1.8.8 (#1560121) - Update to 1.8.8 (#1560121)