{"affected":[{"ecosystem_specific":{"binaries":[{"haproxy":"1.5.4-12.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"haproxy","purl":"pkg:rpm/suse/haproxy&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.4-12.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nhaxproy was updated to backport various security fixes and related patches (bsc#937202) (bsc#937042) (CVE-2015-3281)\n\n+ BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data\n+ BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id\n+ MEDIUM: ssl: replace standards DH groups with custom ones\n+ BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten\n+ MINOR: ssl: add a destructor to free allocated SSL ressources\n+ BUG/MINOR: ssl: Display correct filename in error message\n+ MINOR: ssl: load certificates in alphabetical order\n+ BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks\n+ BUG/MEDIUM: ssl: force a full GC in case of memory shortage\n+ BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.\n+ BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates\n+ MINOR: ssl: add statement to force some ssl options in global.\n+ MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs\n\nAlso the init script was fixed for the haproxy status checks (bsc#947204)\n ","id":"SUSE-SU-2015:1776-1","modified":"2015-09-25T13:22:07Z","published":"2015-09-25T13:22:07Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151776-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/937042"},{"type":"REPORT","url":"https://bugzilla.suse.com/937202"},{"type":"REPORT","url":"https://bugzilla.suse.com/947204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3281"}],"related":["CVE-2015-3281"],"summary":"Security update for haproxy","upstream":["CVE-2015-3281"]}