VDB

GCVE-110-MAGEIA-2026-19

GCVE-110-MAGEIA-2026-19
Advisory Published
Vulnetix · Advisory published January 27, 2026
Haproxy has two major, a few medium and a few minor bugs fixed in the last upstream version 2.8.18 of branch 2.8. Fixed major bugs list: - quic: use ncbmbuf for CRYPTO handling - stream: Force channel analysis on successful synchronous send Fixed medium bugs list: - dns: bind the nameserver sockets to the initiating thread - h1: prevent a crash on HTTP/2 upgrade - h3: do not overwrite interim with final response - h3: handle interim response properly on FE side - h3: properly encode response after interim one in same buf - http-ana: Don't close server connection on read0 in TUNNEL mode - mux-quic: adjust wakeup behavior - mux-quic: ensure Early-data header is set - quic: CRYPTO frame freeing without eb_delete() - resolvers: make the process_resolvers() task single-threaded - ssl: Crash because of dangling ckch_store reference in a ckch instance - ssl: take care of second client hello - stick-tables: Always return the good stksess from stktable_set_entry - stick-tables: Don't forget to dec count on failure.

Affected Products

VendorProductVersionsPlatforms
Mageiaopencpn-ais-radar-plugin0 (affected), 1.4.20.0-1.mga9 (unaffected)
Mageiaopencpn-radar-plugin0 (affected), 5.6.0~beta-1.mga9 (unaffected)
Mageiaopencpn-polar-plugin0 (affected), 1.2.37.0-1.mga9 (unaffected)
Mageiaopencpn-dashboardsk-plugin0 (affected), 0.3.4-1.mga9 (unaffected)
Mageiaopencpn-sar-plugin0 (affected), 4.2.2-1.mga9 (unaffected)
Mageiaopencpn-objsearch-plugin0 (affected), 0.28.0-1.mga9 (unaffected)
Mageiaopencpn-nsk-plugin0 (affected), 0.2.4.1-1.mga9 (unaffected)
Mageiaopencpn-climatology-plugin0 (affected), 1.6.35.0-1.mga9 (unaffected)
Mageiaopencpn-watchdog-plugin2.5.2.0-1.mga9 (unaffected), 0 (affected)
Mageiaopencpn-celestial-navigation-plugin0 (affected), 2.4.66.0-1.mga9 (unaffected)
Mageiaopencpn-squiddio-plugin0 (affected), 1.3.99.0-1.mga9 (unaffected)
Mageiahaproxy0 (affected), 2.8.18-1.mga9 (unaffected), 0 (affected), 2.8.18-1.mga9 (unaffected)
Mageiaopencpn-weather-routing-plugin0 (affected), 1.15.45.7-1.mga9 (unaffected)
Mageiaopencpn-iacfleet-plugin0 (affected), 0.33.0-1.mga9 (unaffected)
Mageiaopencpn-logbookkonni-plugin1.5.00.0-2.mga9 (unaffected), 0 (affected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›