Release date:
2026-07-01 08:55:01 UTC
Description:
* SECURITY UPDATE: NULL pointer dereference in HPACK dynamic table insertion
- debian/patches/CVE-2026-55204.patch: add a missing NULL check after
hpack_dht_defrag() at the third call site in hpack_dht_insert() in
src/hpack-tbl.c, preventing a worker process crash via NULL dereference
when the HPACK table memory pool is exhausted
- CVE-2026-55204
Updated packages:
-
haproxy_2.0.33-0ubuntu0.1+tuxcare.els1_amd64.deb
sha:e6150ee0a4e769f6338042871b40bb95fafad952
-
haproxy-doc_2.0.33-0ubuntu0.1+tuxcare.els1_all.deb
sha:1dcb5edc3be4c8488976f7aa5a6b275cb281a853
-
vim-haproxy_2.0.33-0ubuntu0.1+tuxcare.els1_all.deb
sha:27165c637d9a76673fd37bd644413cffa5f084dc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.