Advisory ID: KYLIN-2018-20615
Severity: Important
Product: Kylin V3
Release date: January 8, 2019
CVE: CVE-2018-20615
CVSS3 score: 7.5
Overview:
HTTP/2 support was added to haproxy in version 1.8, so OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw; see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy [2]. Prior to that, in OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support [3]. OCP 3.9 and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option and was therefore unlikely to be enabled. Versions of haproxy included in Kylin Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Kylin Software Collections, are unaffected as they package versions of haproxy before 1.7.
[1] http://www.haproxy.org/news.html
[2] https://github.com/openshift/origin/pull/19968
[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html
Description:
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
System versions:
KYLIN 3.2.x
KYLIN 3.3.x
Affected packages:
haproxy
haproxy