[ubuntu/questing-proposed] haproxy 3.0.10-1ubuntu1 (Accepted)

Athos Ribeiro athos.ribeiro at canonical.com
Thu May 22 19:50:17 UTC 2025 

haproxy (3.0.10-1ubuntu1) questing; urgency=medium

  * Merge with Debian unstable (LP: #2110439). Remaining changes:
    - d/{control,rules}: Remove support for OpenTracing due to it being
      in universe
  * Dropped changes:
    - d/{control,rules}: do not link against jemalloc (universe)
      This can be dropped after (LP #2088056) got accepted.
      [ jemalloc is now in main ]
    - SECURITY UPDATE: heap overflow in sample_conv_regsub
      + debian/patches/CVE-2025-32464.patch: fix risk of overflow when
        replacing multiple regex back-refs in src/sample.c.
      + CVE-2025-32464
      [ Fixed in 3.0.10 ]

Date: Tue, 20 May 2025 12:27:08 -0300
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/haproxy/3.0.10-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 20 May 2025 12:27:08 -0300
Source: haproxy
Built-For-Profiles: noudeb
Architecture: source
Version: 3.0.10-1ubuntu1
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Launchpad-Bugs-Fixed: 2110439
Changes:
 haproxy (3.0.10-1ubuntu1) questing; urgency=medium
 .
   * Merge with Debian unstable (LP: #2110439). Remaining changes:
     - d/{control,rules}: Remove support for OpenTracing due to it being
       in universe
   * Dropped changes:
     - d/{control,rules}: do not link against jemalloc (universe)
       This can be dropped after (LP #2088056) got accepted.
       [ jemalloc is now in main ]
     - SECURITY UPDATE: heap overflow in sample_conv_regsub
       + debian/patches/CVE-2025-32464.patch: fix risk of overflow when
         replacing multiple regex back-refs in src/sample.c.
       + CVE-2025-32464
       [ Fixed in 3.0.10 ]
Checksums-Sha1:
 0d9128f880e609acd7def22f33de68068c54b6c8 2506 haproxy_3.0.10-1ubuntu1.dsc
 bcd041104e8e8f854baf0fc075cbfb4cbc7a779a 4734325 haproxy_3.0.10.orig.tar.gz
 f0eafaeb063ec7bcb1fbcf286c9bb0c2fb30aaef 86000 haproxy_3.0.10-1ubuntu1.debian.tar.xz
 788ba5204ee77b94e596066b0de9d3b7fa4e0d5c 8278 haproxy_3.0.10-1ubuntu1_source.buildinfo
Checksums-Sha256:
 8cf0fdec81f87421fa14cb9ed6a14ee311dc28c21fa3f9a68b34a0f7e9a67a6d 2506 haproxy_3.0.10-1ubuntu1.dsc
 d1508670b6fd5839c669a0a916842f0d3d3d0b578bb351a2a74a1de3d929ce26 4734325 haproxy_3.0.10.orig.tar.gz
 c718075c838b7c4a7fbaa532e892b50768a97fc85714f8053421a74a5132ebb6 86000 haproxy_3.0.10-1ubuntu1.debian.tar.xz
 8f2e36b72ebba125bbbbc128069ebf0cf547f9e0d88c6f217cb7b5541962e9c0 8278 haproxy_3.0.10-1ubuntu1_source.buildinfo
Files:
 376ae3ce9d4ab21aa646fd80da36457d 2506 net optional haproxy_3.0.10-1ubuntu1.dsc
 4a73e92dbb7e436c0945af648ac09840 4734325 net optional haproxy_3.0.10.orig.tar.gz
 ee1357a260aaa575c670b1ce1294bcfe 86000 net optional haproxy_3.0.10-1ubuntu1.debian.tar.xz
 5f6076a60f1d3d4dde10f328f7fa129b 8278 net optional haproxy_3.0.10-1ubuntu1_source.buildinfo
Original-Maintainer: Debian HAProxy Maintainers <team+haproxy at tracker.debian.org>
Vcs-Git: https://git.launchpad.net/~athos-ribeiro/ubuntu/+source/haproxy
Vcs-Git-Commit: 54ded10803762cdbf5b1efa2e414f489d78ce0a3
Vcs-Git-Ref: refs/heads/merge-lp2110439-questing

More information about the Questing-changes mailing list