Coder Social home page Coder Social logo

Comments (5)

ryzy avatar ryzy commented on May 25, 2024

Hi,

This is the version from EPEL CentOS repository, so that's what's installed inside the image, sorry... ;)

If you care to, you could go to the package maintainer and ask him/her to update it there... But from what I see in the changelog there are only minor/cosmetic fixes, no new functionality has been added - so in a way I'm not so surprised that nobody is in a rush to update it.

from docker-haproxy.

blop avatar blop commented on May 25, 2024

Indeed.

I'm using the new ssl-default-bind-options option which were added in 1.5.7.
So I had to switch to the https://registry.hub.docker.com/_/haproxy/ image.

from docker-haproxy.

blop avatar blop commented on May 25, 2024

July, 3rd, 2015 : 1.5.14 : fixes an information leak vulnerability (CVE-2015-3281)

A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie Smurthwaite of aTech Media for the really detailed traces he provided which made it possible to find the cause of this bug. Every user of 1.5-dev, 1.5.x or 1.6-dev must upgrade to 1.5.14 or latest 1.6-dev snapshot to fix this issue, or use the backport of the fix provided by their operating system vendors. CVE-2015-3281 was assigned to this bug. Code and changelog are available here as usual.

see http://www.haproxy.org/

from docker-haproxy.

pozgo avatar pozgo commented on May 25, 2024

Hi @blop
I have sent PR with fix for this. Now just need to wait for @ryzy to have a look and if all good he will merge it.

From now on I think we will build HAProxy from source. I'll add tags to Docker Hub so you could specify version of HAProxy you would want to run. i.e docker run -d million12/haproxy:1.5.14

from docker-haproxy.

pozgo avatar pozgo commented on May 25, 2024

Fixed by e0d78b3734e9c49ca0c0ebbef9e44dd5e0a8e8da

from docker-haproxy.

Related Issues (19)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.