VDB
GCVE-110-MAGEIA-2026-19
GCVE-110-MAGEIA-2026-19
Advisory Published
Haproxy has two major, a few medium and a few minor bugs fixed in the last
upstream version 2.8.18 of branch 2.8.
Fixed major bugs list:
- quic: use ncbmbuf for CRYPTO handling
- stream: Force channel analysis on successful synchronous send
Fixed medium bugs list:
- dns: bind the nameserver sockets to the initiating thread
- h1: prevent a crash on HTTP/2 upgrade
- h3: do not overwrite interim with final response
- h3: handle interim response properly on FE side
- h3: properly encode response after interim one in same buf
- http-ana: Don't close server connection on read0 in TUNNEL mode
- mux-quic: adjust wakeup behavior
- mux-quic: ensure Early-data header is set
- quic: CRYPTO frame freeing without eb_delete()
- resolvers: make the process_resolvers() task single-threaded
- ssl: Crash because of dangling ckch_store reference in a ckch instance
- ssl: take care of second client hello
- stick-tables: Always return the good stksess from stktable_set_entry
- stick-tables: Don't forget to dec count on failure.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | opencpn-ais-radar-plugin | 0 (affected), 1.4.20.0-1.mga9 (unaffected) | — |
| Mageia | opencpn-radar-plugin | 0 (affected), 5.6.0~beta-1.mga9 (unaffected) | — |
| Mageia | opencpn-polar-plugin | 0 (affected), 1.2.37.0-1.mga9 (unaffected) | — |
| Mageia | opencpn-dashboardsk-plugin | 0 (affected), 0.3.4-1.mga9 (unaffected) | — |
| Mageia | opencpn-sar-plugin | 0 (affected), 4.2.2-1.mga9 (unaffected) | — |
| Mageia | opencpn-objsearch-plugin | 0 (affected), 0.28.0-1.mga9 (unaffected) | — |
| Mageia | opencpn-nsk-plugin | 0 (affected), 0.2.4.1-1.mga9 (unaffected) | — |
| Mageia | opencpn-climatology-plugin | 0 (affected), 1.6.35.0-1.mga9 (unaffected) | — |
| Mageia | opencpn-watchdog-plugin | 2.5.2.0-1.mga9 (unaffected), 0 (affected) | — |
| Mageia | opencpn-celestial-navigation-plugin | 0 (affected), 2.4.66.0-1.mga9 (unaffected) | — |
| Mageia | opencpn-squiddio-plugin | 0 (affected), 1.3.99.0-1.mga9 (unaffected) | — |
| Mageia | haproxy | 0 (affected), 2.8.18-1.mga9 (unaffected), 0 (affected), 2.8.18-1.mga9 (unaffected) | — |
| Mageia | opencpn-weather-routing-plugin | 0 (affected), 1.15.45.7-1.mga9 (unaffected) | — |
| Mageia | opencpn-iacfleet-plugin | 0 (affected), 0.33.0-1.mga9 (unaffected) | — |
| Mageia | opencpn-logbookkonni-plugin | 1.5.00.0-2.mga9 (unaffected), 0 (affected) | — |
References
Updated haproxy packages fix bugs
advisory
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.