CVSROOT: /cvs
Module name: ports
Changes by: d...@cvs.openbsd.org 2019/01/10 18:09:50
Modified files:
devel/quirks : Makefile
devel/quirks/files: Quirks.pm
net/haproxy : Makefile distinfo
Log message:
Update to haproxy-1.8.17
Fix CVE-2018-20615: """BUG/CRITICAL: mux-h2: re-check the frame
length when PRIORITY is used
An incorrect frame length check is performed on HEADERS frame having
the PRIORITY flag, possibly resulting in a read-past-bound which can
cause a crash depending how the frame is crafted. All 1.9 and 1.8
versions are affected. As a result, all HTTP/2 users must either
upgrade or temporarily disable HTTP/2 by commenting the "npn h2" and
"alpn h2" statements on their related "bind" lines."""
