❦ 26 janvier 2020 13:00 +01, Vincent Bernat <ber...@debian.org>: >>> The logrotate configuration file for HAProxy doesn't signal rsyslog >>> correctly. Therefore, logs are not really rotated and on a moderately >>> busy site, this can fill up a log partition. When running with >>> systemd, rsyslog doesn't write a PID file and there fore, the SysV >>> init script invoked to rotate logs does not work. Instead, rsyslog >>> package provides an helper for this purpose. >>> >>> The change has been applied to 2.0.12-1 currently in unstable and >>> testing. I would like to push it for the next point release next week. >> >> If we're doing a Buster update anyway, could we also piggyback the fix >> for https://nathandavison.com/blog/haproxy-http-request-smuggling >> (CVE-2019-18277), >> https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581 >> ? > > Ack! I have pulled the patch from the 1.8 branch. Here is the updated > debdiff. It compiles and simple tests pass too. I'll be checking with > upstream if they have an opinion around this.
Upstream is OK to apply the patch on top of 1.8.19.
--
Don't use conditional branches as a substitute for a logical expression.
- The Elements of Programming Style (Kernighan & Plauger)
signature.asc
Description: PGP signature
