
4431 matches found

OSV
added 2019/03/23 10:59 a.m., 7 views

OPENSUSE-SU-2019:0195-1 Security update for nginx

This update for nginx fixes the following issues: nginx was updated to 1.14.2: - Bugfix: nginx could not be built on Fedora 28 Linux. - Bugfix: in handling of client addresses when using unix domain listen sockets to work with datagrams on Linux. - Change: the logging level of the 'http request',...

CVSS 8.2, AI score 6.9, EPSS 0.57804
Exploits: 1, References: 7

OSV
added 2019/03/23 10:57 a.m., 5 views

OPENSUSE-SU-2019:0166-1 Security update for haproxy

This update for haproxy version 1.8.17 fixes the following issues: Security issues fixed: - CVE-2018-20615: Fixed a denial of service, triggered by mishandling the priority flag on short HEADERS frame in the HTTP/2 decoder (bsc#1121283). This update was imported from the SUSE:SLE-15:Update update...

CVSS 7.5, AI score 7.6, EPSS 0.00143
Exploits: 0, References: 3

OSV
added 2019/03/21 4:0 p.m., 30 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

CVSS 7.5, AI score 6.5
Exploits: 0, References: 6

NVD
added 2019/03/21 4:0 p.m., 22 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

CVSS 7.5, AI score 7.5, EPSS 0.00143
Exploits: 0, References: 6

Prion
added 2019/03/21 4:0 p.m., 32 views

Cross site scripting

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

CVSS 5, AI score 7.3, EPSS 0.00143
Exploits: 0, References: 6, Affected Software: 5

CVE
added 2019/03/18 4:11 p.m., 244 views

CVE-2018-20615

CVE-2018-20615 describes an out-of-bounds read in HAProxy’s HTTP/2 decoder. Affected are HAProxy 1.8.x and 1.9.x up to 1.9.0. During processing of the PRIORITY flag in a HEADERS frame, an extra 5 bytes are skipped, but the total frame length was not re-checked to ensure those bytes are present, e...

CVSS 7.5, AI score 7.3, EPSS 0.00143
Exploits: 0, References: 6, Affected Software: 1

Cvelist
added 2019/03/18 4:11 p.m., 32 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

AI score 7.4, EPSS 0.00143
Exploits: 0, References: 6

Debian CVE
added 2019/03/18 4:11 p.m., 24 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

CVSS 7.5, AI score 6, EPSS 0.00143
Exploits: 0

Tenable Nessus
added 2019/03/15 12:0 a.m., 39 views

RHEL 7 : OpenShift Container Platform 3.10 haproxy (RHSA-2019:0548)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:0548 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fixes: haproxy:...

CVSS 7.5, AI score 6.5, EPSS 0.00143
Exploits: 0, References: 5

Tenable Nessus
added 2019/03/15 12:0 a.m., 39 views

RHEL 7 : OpenShift Container Platform 3.9 haproxy (RHSA-2019:0547)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0547 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fixes: haproxy...

CVSS 7.5, AI score 6.6, EPSS 0.00143
Exploits: 0, References: 6

Mageia
added 2019/03/14 9:39 p.m., 54 views

Updated apache packages fix security vulnerability

By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections in Apache HTTP Server versions 2.4.37 and prior (CVE-2018-17189). In Apache HTTP Serv...

CVSS 7.5, AI score 0.7, EPSS 0.10459
Exploits: 0, References: 3

RedHat Linux
added 2019/03/14 7:58 a.m., 93 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update

An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5, AI score 6.6, EPSS 0.00143
Exploits: 0, References: 2

Akamai Blog
added 2019/03/04 11:0 a.m., 118 views

Securing CDN Delivery with TLS at Massive Scale

The growth of HTTPS on the Internet Amidst ever-growing security concerns, providing protected Internet connections is more important than ever. The movement towards an Internet that places more emphasis on data integrity and confidentiality is taking place swiftly. HTTP connections are giving wa...

AI score 0.8
Exploits: 0

Akamai Blog
added 2019/03/04 11:0 a.m., 53 views

What's New in Web Performance? - March 2019

Organizations that do business on the web are at various stages in their digital transformation journey. Some are developing some of the most innovative and immersive digital experiences on the web, others are, for the first time, figuring out how to safely move applications to the cloud with...

AI score 0.1
Exploits: 0

Akamai Blog
added 2019/03/04 11:0 a.m., 75 views

HTTP/2 Will be Automatically Enabled by Default on the Akamai Intelligent Edge Platform

Users demand digital experiences that are fast, secure and visually engaging. To deliver on user expectations, companies craft web experiences that are richer and more interactive with the goal of driving more engagement. The result is increasingly complex websites that are comprised of high...

AI score 0.2
Exploits: 0

FreeBSD
added 2019/03/01 12:0 a.m., 48 views

py-twisted -- multiple vulnerabilities

Twisted developers report: All HTTP clients in twisted.web.client now raise a ValueError when called with a method and/or URL that contain invalid characters. This mitigates CVE-2019-12387. Thanks to Alex Brasetvik for reporting this vulnerability. The HTTP/2 server implementation now enforces T...

CVSS 9.8, AI score 0.2, EPSS 0.50822
Exploits: 4, References: 1

Kaspersky
added 2019/02/28 12:0 a.m., 45 views

KLA12364 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in mod_session_cookie can be exploited to spoof user interface. 2...

CVSS 7.5, AI score 7.3, EPSS 0.22908
Exploits: 0, References: 3

Microsoft CVE
added 2019/02/20 8:0 a.m., 28 views

Guidance to adjust HTTP/2 SETTINGS frames

Executive Summary Microsoft is aware of a potential condition which can be triggered when malicious HTTP/2 requests are sent to a Windows Server with the http.sys service enabled. This could temporarily cause the system CPU usage to spike to 100% until the malicious connections are killed by...

AI score 7
Exploits: 0

Tenable Nessus
added 2019/02/19 12:0 a.m., 74 views

openSUSE Security Update : nginx (openSUSE-2019-195)

This update for nginx fixes the following issues : nginx was updated to 1.14.2 : - Bugfix: nginx could not be built on Fedora 28 Linux. - Bugfix: in handling of client addresses when using unix domain listen sockets to work with datagrams on Linux. - Change: the logging level of the 'http request...

CVSS 8.2, AI score 6.7, EPSS 0.57804
Exploits: 1, References: 6

OpenVAS
added 2019/02/19 12:0 a.m., 35 views

openSUSE: Security Advisory for nginx (openSUSE-SU-2019:0195-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.2, AI score 7.4, EPSS 0.57804
Exploits: 1, References: 2