[CLSA-2026:1782744931] haproxy: Fix of CVE-2026-55203
Type:
security
Severity:
Critical
Release date:
2026-06-29 14:55:47 UTC
Description:
- CVE-2026-55203: fix integer overflow in FCGI mux demux record length field by widening drl from uint16_t to uint32_t, preventing FCGI framing desynchronization triggered by malicious backends
CVEs fixed:
Updated packages:
  • haproxy-2.4.17-6.el9.tuxcare.els5.x86_64.rpm
    sha:12051a35b745e6e2dcb68ee05f619969f59902fff7ffa8e9b5907645af9860bb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.