[CLSA-2026:1782896085] Fix CVE(s): CVE-2026-55204
Type:
security
Severity:
Important
Release date:
2026-07-01 08:55:01 UTC
Description:
* SECURITY UPDATE: NULL pointer dereference in HPACK dynamic table insertion - debian/patches/CVE-2026-55204.patch: add a missing NULL check after hpack_dht_defrag() at the third call site in hpack_dht_insert() in src/hpack-tbl.c, preventing a worker process crash via NULL dereference when the HPACK table memory pool is exhausted - CVE-2026-55204
CVEs fixed:
Updated packages:
  • haproxy_2.0.33-0ubuntu0.1+tuxcare.els1_amd64.deb
    sha:e6150ee0a4e769f6338042871b40bb95fafad952
  • haproxy-doc_2.0.33-0ubuntu0.1+tuxcare.els1_all.deb
    sha:1dcb5edc3be4c8488976f7aa5a6b275cb281a853
  • vim-haproxy_2.0.33-0ubuntu0.1+tuxcare.els1_all.deb
    sha:27165c637d9a76673fd37bd644413cffa5f084dc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.