Home | Devuan | Git | Forum | Packages | Popcon
Donate now!
Download

Devuan bug report logs - #863
haproxy forward upgrade and connection headers as default (h2c request smuggling)

version graph

Package: haproxy; Maintainer for haproxy is (unknown); Source for haproxy is src:haproxy.

Reported by: gr0 bUst4 <bUst4gr0@riseup.net>

Date: Mon, 28 Oct 2024 10:38:01 UTC

Severity: normal

Tags: debian

Fixed in version 3.0.9-1

Done: Mark Hindley <mark@hindley.org.uk>

Full log

Message #15 received at 863-done@bugs.devuan.org (full text, mbox, reply):

Received: (at 863-done) by bugs.devuan.org; 11 Oct 2025 11:15:07 +0000
Return-Path: <mark@hindley.org.uk>
Delivered-To: bugs@devuan.org
Received: from email.devuan.org [2a01:4f9:fff1:13::5fd9:f9e4]
	by doc.devuan.org with IMAP (fetchmail-6.4.16)
	for <debbugs@localhost> (single-drop); Sat, 11 Oct 2025 11:15:07 +0000 (UTC)
Received: from email.devuan.org
	by email.devuan.org with LMTP
	id oiKdMCQ86mi0UwAAmSBk0A
	(envelope-from <mark@hindley.org.uk>)
	for <bugs@devuan.org>; Sat, 11 Oct 2025 11:14:44 +0000
Received: by email.devuan.org (Postfix, from userid 109)
	id 9DB8D3FF; Sat, 11 Oct 2025 11:14:44 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on email.devuan.org
X-Spam-Level: 
X-Spam-Status: No, score=0.4 required=5.0 tests=RDNS_DYNAMIC,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=193.36.131.86; helo=mx.hindley.org.uk; envelope-from=mark@hindley.org.uk; receiver=bugs.devuan.org 
Received: from mx.hindley.org.uk (193-36-131-86.cfwn.uk [193.36.131.86])
	by email.devuan.org (Postfix) with ESMTPS id 311AD1F6
	for <863-done@bugs.devuan.org>; Sat, 11 Oct 2025 11:14:43 +0000 (UTC)
Received: from hindley.org.uk (apollo.hindleynet [192.168.1.3])
	by mx.hindley.org.uk (Postfix) with SMTP id 33DC9110
	for <863-done@bugs.devuan.org>; Sat, 11 Oct 2025 12:14:42 +0100 (BST)
Received: (nullmailer pid 6993 invoked by uid 1000);
	Sat, 11 Oct 2025 11:14:41 -0000
Date: Sat, 11 Oct 2025 12:14:41 +0100
From: Mark Hindley <mark@hindley.org.uk>
To: 863-done@bugs.devuan.org
Subject: Upstream fix now in Debian
Message-ID: <aOo8IY1m3CUoeSaN@hindley.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Debbugs-No-Ack: No Thanks

Version: 3.0.9-1

Closing.

Mark

Send a report that this bug log contains spam.

Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Mon Oct 20 17:34:10 2025;