HAProxy 1.8+ HTTP/2 HPACK Decoder Vulnerability Fixed

DRANK

Security researcher Felix Wilhelm, working with Google’s Project Zero, has disclosed a critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above. Wilhelm has disclosed critical vulnerabilities in other popular products such as Xen, Hyper-V, IBM GPFS, and FireEye’s MPS. Project Zero is a team of security analysts employed by Google that is …