Update haproxy to 1.8.14 #4865

TimWolla · 2018-09-20T19:52:51Z

This fixes CVE-2018-14645.

tianon · 2018-09-20T19:57:02Z

Diff:

diff --git a/_bashbrew-list b/_bashbrew-list
index fba36fe..369951d 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -14,7 +14,7 @@ haproxy:1.7.11
 haproxy:1.7.11-alpine
 haproxy:1.8
 haproxy:1.8-alpine
-haproxy:1.8.13
-haproxy:1.8.13-alpine
+haproxy:1.8.14
+haproxy:1.8.14-alpine
 haproxy:alpine
 haproxy:latest
diff --git a/haproxy_alpine/Dockerfile b/haproxy_alpine/Dockerfile
index 9eaaea7..570a1a4 100644
--- a/haproxy_alpine/Dockerfile
+++ b/haproxy_alpine/Dockerfile
@@ -2,8 +2,8 @@
 FROM alpine:3.8
 
 ENV HAPROXY_MAJOR 1.8
-ENV HAPROXY_VERSION 1.8.13
-ENV HAPROXY_SHA256 2bf5dafbb5f1530c0e67ab63666565de948591f8e0ee2a1d3c84c45e738220f1
+ENV HAPROXY_VERSION 1.8.14
+ENV HAPROXY_SHA256 b17e402578be85e58af7a3eac99b1f675953bea9f67af2e964cf8bdbd1bd3fdf
 
 # see https://sources.debian.net/src/haproxy/jessie/debian/rules/ for some helpful navigation of the possible "make" arguments
 RUN set -x \
diff --git a/haproxy_latest/Dockerfile b/haproxy_latest/Dockerfile
index 907db8e..3931df6 100644
--- a/haproxy_latest/Dockerfile
+++ b/haproxy_latest/Dockerfile
@@ -2,8 +2,8 @@
 FROM debian:stretch-slim
 
 ENV HAPROXY_MAJOR 1.8
-ENV HAPROXY_VERSION 1.8.13
-ENV HAPROXY_SHA256 2bf5dafbb5f1530c0e67ab63666565de948591f8e0ee2a1d3c84c45e738220f1
+ENV HAPROXY_VERSION 1.8.14
+ENV HAPROXY_SHA256 b17e402578be85e58af7a3eac99b1f675953bea9f67af2e964cf8bdbd1bd3fdf
 
 # see https://sources.debian.net/src/haproxy/jessie/debian/rules/ for some helpful navigation of the possible "make" arguments
 RUN set -x \

tianon · 2018-09-20T20:01:21Z

LGTM

Build test of #4865; 6d04617; amd64 (haproxy):

$ bashbrew build haproxy:1.5.19
Building bashbrew/cache:78a669f7bf69dd12db43f987f528bf298bdc895e5b9482787cc7fc275f7b6a41 (haproxy:1.5.19)
Tagging haproxy:1.5.19
Tagging haproxy:1.5

$ test/run.sh haproxy:1.5.19
testing haproxy:1.5.19
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.5.19-alpine
Building bashbrew/cache:53f1082144112cb8d39758dd1963ea98077aafb7d3063d53ca12b6463fd3f19f (haproxy:1.5.19-alpine)
Tagging haproxy:1.5.19-alpine
Tagging haproxy:1.5-alpine

$ test/run.sh haproxy:1.5.19-alpine
testing haproxy:1.5.19-alpine
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.6.14
Building bashbrew/cache:a7e4373e0eda5f5735951518a2e5bb12bd172482a90d3f0967b2a1e54e843cef (haproxy:1.6.14)
Tagging haproxy:1.6.14
Tagging haproxy:1.6

$ test/run.sh haproxy:1.6.14
testing haproxy:1.6.14
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.6.14-alpine
Building bashbrew/cache:a91469c4806c5f504942c1cba02c1106a21c8d5caa7fd45e1665e40d81b7c565 (haproxy:1.6.14-alpine)
Tagging haproxy:1.6.14-alpine
Tagging haproxy:1.6-alpine

$ test/run.sh haproxy:1.6.14-alpine
testing haproxy:1.6.14-alpine
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.7.11
Building bashbrew/cache:85074263eeb1dbe0c65283f0b85e8eb7a783dff51eea4f35aa8fb88f425edd08 (haproxy:1.7.11)
Tagging haproxy:1.7.11
Tagging haproxy:1.7

$ test/run.sh haproxy:1.7.11
testing haproxy:1.7.11
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.7.11-alpine
Building bashbrew/cache:82ba0bdd407b3eafca159de8e0d7a0ec0a3be4feb2f98574eca5c285f5f97ff0 (haproxy:1.7.11-alpine)
Tagging haproxy:1.7.11-alpine
Tagging haproxy:1.7-alpine

$ test/run.sh haproxy:1.7.11-alpine
testing haproxy:1.7.11-alpine
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.8.14
Building bashbrew/cache:8ed1bd98ef1d40c976a62710f796de6e53809ef0ccfd8ca20e325fcd538c9fc8 (haproxy:1.8.14)
Tagging haproxy:1.8.14
Tagging haproxy:1.8
Tagging haproxy:1
Tagging haproxy:latest

$ test/run.sh haproxy:1.8.14
testing haproxy:1.8.14
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed


$ bashbrew build haproxy:1.8.14-alpine
Building bashbrew/cache:7ac1a5229e93f016ece334bcfc5919cded0f6b4a05816331e7c2acce37dc5b6a (haproxy:1.8.14-alpine)
Tagging haproxy:1.8.14-alpine
Tagging haproxy:1.8-alpine
Tagging haproxy:1-alpine
Tagging haproxy:alpine

$ test/run.sh haproxy:1.8.14-alpine
testing haproxy:1.8.14-alpine
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'haproxy-basics' [5/5]...passed

Update haproxy to 1.8.14

6d04617

This fixes CVE-2018-14645.

docker-library-bot added the library/haproxy label Sep 20, 2018

tianon merged commit 1b632f6 into docker-library:master Sep 20, 2018

TimWolla deleted the haproxy-1.8.14 branch September 20, 2018 21:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update haproxy to 1.8.14 #4865

Update haproxy to 1.8.14 #4865

TimWolla commented Sep 20, 2018

tianon commented Sep 20, 2018

tianon commented Sep 20, 2018

Update haproxy to 1.8.14 #4865

Update haproxy to 1.8.14 #4865

Conversation

TimWolla commented Sep 20, 2018

tianon commented Sep 20, 2018

tianon commented Sep 20, 2018