[CLSA-2026:1782725469] haproxy: Fix of CVE-2026-55203
Type:
security
Severity:
Critical
Release date:
2026-06-29 09:31:25 UTC
Description:
- CVE-2026-55203: fix uint16_t overflow of the FCGI demux record length (drl) in mux-fcgi that allowed FastCGI framing desync; widen drl to uint32_t (backport of upstream 5985276)
CVEs fixed:
Updated packages:
  • haproxy-2.4.22-4.el9.tuxcare.els2.x86_64.rpm
    sha:735866c76c838eb294cf5a2781d74604b85244d60c9f8b32b6622498c9c778ca
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.