Bug 522018 - net-proxy/haproxy: remote client denial of service vulnerability (CVE-2014-6269)
Summary: net-proxy/haproxy: remote client denial of service vulnerability (CVE-2014-6269)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: ~3 [noglsa]
Keywords:
Depends on:
Blocks:
Reported: 2014-09-03 07:29 UTC by Agostino Sarubbo
Modified: 2014-11-03 15:50 UTC
CC: 2 users
See Also:
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2014-09-03 07:29:35 UTC
From ${URL}:

A denial of service vulnerability was reported [1],[2] in HAProxy 1.5dev23 through to and including 1.5.3, and 1.6-dev. A remote client could cause the HAProxy service to crash in specific conditions with a certain amount of server complicity (it must accept and slowly drain more than 2GB of data). There is no possibility of code execution or loss of data integrity.

This is corrected in upstream version 1.5.4 [3].

[1] http://article.gmane.org/gmane.comp.web.haproxy/17726
[2] http://article.gmane.org/gmane.comp.web.haproxy/18097
[3] http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Christian Ruppert (idl0r) gentoo-dev 2014-09-03 17:49:04 UTC
All affected versions were in testing. There's nothing to stabilize. Affected version(s) have been removed.
Comment 2 Kristian Fiskerstrand (RETIRED) gentoo-dev 2014-09-03 17:53:55 UTC
(In reply to Christian Ruppert (idl0r) from comment #1)
> All affected version were in testing. There's nothing to stabilize. Affected
> version(s) have been removed.

Thanks.

Updating whiteboard rating to affect the non-stable state since this was indeed introduced in 1.5 series and closing as noglsa.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2014-11-03 15:50:24 UTC
CVE-2014-6269 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6269):
  Multiple integer overflows in the http_request_forward_body function in
  proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to
  cause a denial of service (crash) via a large stream of data, which triggers
  a buffer overflow and an out-of-bounds read.
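The CVE text above describes the bug class (a body-forwarding counter that overflows once more than 2 GB has been streamed, after which the bad length feeds the buffer code and causes an out-of-bounds read). The following is an added illustration written for this page; it is not HAProxy's code and not part of the bug report. It models a proxy accounting forwarded body bytes once with a 32-bit signed counter and once with a 64-bit counter bounded by the declared body length, and streams a constructed 3 GiB body through both in 1 MiB chunks. The function names, the chunk size, and the use of the GCC/Clang `__builtin_add_overflow` builtin (to detect rather than perform signed overflow, which is undefined behaviour in C) are assumptions of the demo.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed illustration of the bug class named in CVE-2014-6269: a byte
 * counter for a forwarded request body kept in a 32-bit signed integer wraps
 * once more than 2 GiB has been streamed. NOT HAProxy's code; names and the
 * 1 MiB chunk size are assumptions for the demo.
 */

/* Weak variant: 32-bit signed byte counter. A real wrap would turn the
 * counter negative and hand a bogus length to the buffer code; here we
 * detect the wrap with a compiler builtin instead of triggering UB. */
static bool account_forwarded_i32(int32_t *forwarded, int32_t chunk)
{
    int32_t next;
    if (__builtin_add_overflow(*forwarded, chunk, &next))
        return false;               /* would wrap: the >2 GiB failure case */
    *forwarded = next;
    return true;
}

/* Hardened variant: 64-bit unsigned counter, each chunk checked against the
 * bytes still owed by the declared body length. The invariant
 * forwarded <= body_len holds, so "body_len - *forwarded" cannot wrap. */
static bool account_forwarded_u64(uint64_t *forwarded, uint64_t body_len, size_t chunk)
{
    if (chunk > body_len - *forwarded)
        return false;               /* more data than the body declared */
    *forwarded += chunk;
    return true;
}

/* Stream `total` bytes through the weak counter in `chunk`-byte pieces.
 * Returns how many chunks were accounted before the counter would wrap
 * (total / chunk if it never does); -1 for an unusable chunk size. */
long stream_through_i32(uint64_t total, uint32_t chunk)
{
    if (chunk == 0 || chunk > (uint32_t)INT32_MAX)
        return -1;
    int32_t forwarded = 0;
    long chunks = 0;
    for (uint64_t sent = 0; sent + chunk <= total; sent += chunk) {
        if (!account_forwarded_i32(&forwarded, (int32_t)chunk))
            return chunks;
        chunks++;
    }
    return chunks;
}

/* Same stream through the hardened counter; returns the chunk count, or -1
 * if the bound check ever rejected a chunk (it should not for a body of
 * exactly `total` bytes). */
long stream_through_u64(uint64_t total, uint32_t chunk)
{
    if (chunk == 0)
        return -1;
    uint64_t forwarded = 0;
    long chunks = 0;
    for (uint64_t sent = 0; sent + chunk <= total; sent += chunk) {
        if (!account_forwarded_u64(&forwarded, total, chunk))
            return -1;
        chunks++;
    }
    return chunks;
}

int main(void)
{
    const uint64_t three_gib = 3ULL << 30;   /* constructed body size */
    const uint32_t one_mib = 1u << 20;       /* constructed chunk size */

    printf("32-bit counter accounted %ld of %llu chunks before it would wrap\n",
           stream_through_i32(three_gib, one_mib),
           (unsigned long long)(three_gib / one_mib));
    printf("64-bit bounded counter accounted %ld chunks\n",
           stream_through_u64(three_gib, one_mib));
    return 0;
}
```

With a 1 MiB chunk the 32-bit counter accepts 2047 chunks (2146435072 bytes) and would wrap on the 2048th, which is the 2 GB threshold the report mentions; the 64-bit bounded counter accounts all 3072 chunks. The point for reviewers is that length bookkeeping for anything a client controls (body sizes, chunk sizes, forwarded totals) belongs in a type at least as wide as the protocol allows and must be compared against the declared bound before it is used as a buffer length.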