View Issue Details

IDProjectCategoryView StatusLast Update
0016864CentOS-7haproxypublic2019-12-27 06:25
Reporterzhaofengshou 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0016864: CVE-2018-14645 and BDSA-2018-4400 (CVE-2018-20102) not fixed in HAProxy 1.5.18-9
DescriptionUsing Synopsys's blackduck hub to scan HAProxy 1.5.18-9, there are two security risks: CVE-2018-14645 and BDSA-2018-4400 (CVE-2018-20102)
TagsNo tags attached.
abrt_hash
URL

Activities

tigalch

tigalch

2019-12-27 06:25

manager   ~0035898

Both these CVEs are listed as "not affected" by RH for EL6/7/8:
https://access.redhat.com/security/cve/cve-2018-14645
https://access.redhat.com/security/cve/cve-2018-20102
The later is fixed by a RHSCL package, but I don't see a rebuild of that one here: https://wiki.centos.org/SpecialInterestGroup/SCLo/CollectionsList

Issue History

Date Modified Username Field Change
2019-12-27 03:11 zhaofengshou New Issue
2019-12-27 06:25 tigalch Note Added: 0035898