Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 7 Jul 2015 16:42:22 +0300
From: Solar Designer <>
Subject: CVE-2015-3281 HAProxy information leak vulnerability


I think this should be brought in here, from the news section on the
HAProxy website:

"July, 3rd, 2015 : 1.5.14 : fixes an information leak vulnerability

A vulnerability was found when HTTP pipelining is used.  In some cases,
a client might be able to cause a buffer alignment issue and retrieve
uninitialized memory contents that exhibit data from a past request or
session.  I want to address sincere congratulations to Charlie
Smurthwaite of aTech Media for the really detailed traces he provided
which made it possible to find the cause of this bug.  Every user of
1.5-dev, 1.5.x or 1.6-dev must upgrade to 1.5.14 or latest 1.6-dev
snapshot to fix this issue, or use the backport of the fix provided by
their operating system vendors.  CVE-2015-3281 was assigned to this bug."



"The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and
1.6-dev does not properly realign a buffer that is used for pending
outgoing data, which allows remote attackers to obtain sensitive
information (uninitialized memory contents of previous requests) via a
crafted request."

Debian and Ubuntu have already sent out advisories.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.