>> Please provide the output of "haproxy -vv" of the 1.5.11 executable. >> >> I guess you have an ABI problem between openssl 1.0.1 and 1.0.2. > > I wonder if we are not seeing a case not covered by CVE-2015-0290 : > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0290
And linking haproxy 1.5.11 against openssl 1.0.1 would bypass this new
1.0.2 feature for the time being. Likely that combination is safe.
