Hi, this concerns HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2 CVE: CVE-2020-11100 WWW: https://vuxml.FreeBSD.org/freebsd/7f829d44-7509-11ea-b47c-589cfc0f81b0.html See also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245282 Thanks in advance
A commit references this bug: Author: demon Date: Sat May 2 08:14:26 UTC 2020 New revision: 533678 URL: https://svnweb.freebsd.org/changeset/ports/533678 Log: MFH: 2020Q2 (minor secutiry update). Merge minor security-related update of haproxy ports. PR: 246094 Update to version 2.0.14. Update to version 2.1.4. Update to version 1.8.25. Update to version 1.9.15. Approved by: portmgr (blanket) Changes: _U branches/2020Q2/ branches/2020Q2/net/haproxy/Makefile branches/2020Q2/net/haproxy/distinfo branches/2020Q2/net/haproxy18/Makefile branches/2020Q2/net/haproxy18/distinfo branches/2020Q2/net/haproxy19/Makefile branches/2020Q2/net/haproxy19/distinfo branches/2020Q2/net/haproxy21/Makefile branches/2020Q2/net/haproxy21/distinfo
Done, thanks for reminder!
Thanks a lot for your work!