CVE-2016-5360

Priority
Description
HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows
remote attackers to cause a denial of service (uninitialized memory access
and crash) or possibly have unspecified other impact via unknown vectors.
Assigned-to
mdeslaur
Notes
mdeslaurissue introduced in 1.6.0
Package
Upstream:released (1.6.5-2)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [1.4.24-2ubuntu0.4])
Ubuntu 16.04 LTS (Xenial Xerus):released (1.6.3-1ubuntu0.1)
Patches:
Upstream:http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b
More Information

Updated: 2020-01-29 19:56:07 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)