Comments (5)
Hi,
This is the version from EPEL CentOS repository, so that's what's installed inside the image, sorry... ;)
If you care to, you could go to the package maintainer and ask him/her to update it there... But from what I see in the changelog there are only minor/cosmetic fixes, no new functionality has been added - so in a way I'm not so surprised that nobody is in a rush to update it.
from docker-haproxy.
Indeed.
I'm using the new ssl-default-bind-options option which were added in 1.5.7.
So I had to switch to the https://registry.hub.docker.com/_/haproxy/ image.
from docker-haproxy.
July, 3rd, 2015 : 1.5.14 : fixes an information leak vulnerability (CVE-2015-3281)
A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie Smurthwaite of aTech Media for the really detailed traces he provided which made it possible to find the cause of this bug. Every user of 1.5-dev, 1.5.x or 1.6-dev must upgrade to 1.5.14 or latest 1.6-dev snapshot to fix this issue, or use the backport of the fix provided by their operating system vendors. CVE-2015-3281 was assigned to this bug. Code and changelog are available here as usual.
from docker-haproxy.
Hi @blop
I have sent PR with fix for this. Now just need to wait for @ryzy to have a look and if all good he will merge it.
From now on I think we will build HAProxy from source. I'll add tags to Docker Hub so you could specify version of HAProxy you would want to run. i.e docker run -d million12/haproxy:1.5.14
from docker-haproxy.
Fixed by e0d78b3734e9c49ca0c0ebbef9e44dd5e0a8e8da
from docker-haproxy.
Related Issues (19)
- inotifywait does not account all files that haproxy read HOT 3
- Configuring logging HOT 2
- config : 'http-request' rules ignored for backend 'nodes-http2' as they require HTTP mode. HOT 1
- CircleCI Builds are failing HOT 1
- Pre and Post reload hooks HOT 4
- HAProxy exits immediately - inotifywait prevents container exiting HOT 3
- CI tests failed HOT 1
- Support /etc/hosts linked containers HOT 2
- Update to 2.1.2
- Move CI to GH Actions HOT 1
- Master branch not pushing latest image to Docker Hub HOT 1
- Update to 2.3
- Add socat and nc for remote drain
- Update OpenSSL to 3.x HOT 1
- Update HAProxy to 2.8.1 HOT 1
- Docker Container Still Running While Haproxy Got OOM and Exited Out
- Upgrade to 1.6.2 HOT 1
- Use zero-downtime restart method described by yelp HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-haproxy.