{"id":"SUSE-SU-2023:3469-1","summary":"Security update for haproxy","details":"This update for haproxy fixes the following issues:\n\n- CVE-2023-40225: Fixed request smuggling with empty content-length header value (bsc#1214102).\n","modified":"2026-02-04T04:09:30.627883Z","published":"2023-08-29T07:31:05Z","related":["CVE-2023-40225"],"upstream":["CVE-2023-40225"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20233469-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214102"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40225"}],"affected":[{"package":{"name":"haproxy","ecosystem":"SUSE:Linux Enterprise Micro 5.3","purl":"pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"SUSE:Linux Enterprise Micro 5.4","purl":"pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP4","purl":"pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP5","purl":"pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"openSUSE:Leap Micro 5.3","purl":"pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%20Micro%205.3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"openSUSE:Leap Micro 5.4","purl":"pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%20Micro%205.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"openSUSE:Leap 15.4","purl":"pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%2015.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}},{"package":{"name":"haproxy","ecosystem":"openSUSE:Leap 15.5","purl":"pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%2015.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]}],"ecosystem_specific":{"binaries":[{"haproxy":"2.4.22+git0.f8e3218e2-150400.3.16.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3469-1.json"}}],"schema_version":"1.7.3"}