从这个网页截图中,我们可以获取到以下关于漏洞的关键信息: 1. 版本信息: - 该版本是haproxy-2.9.10。 - 该版本发布于2024年9月3日。 2. 漏洞列表: - REGTESTS:ssl: fix some regtests 'feature cmd' start condition。 - BUG/MEDIUM:proxy: fix email-alert invalid free。 - DOC:configuration: fix alphabetical order of bind options。 - SCRIPTS:git-show-backports: do not truncate git-show output。 - DOC:api/event_hdl: small updates, fix an example and add some precisions。 - BUG/MEDIUM:h3: fix crash on STOP_SENDING receive after GOAWAY emission。 - BUG/MEDIUM:mux-quick: fix crash on qcs SD alloc failure。 - BUG/MEDIUM:quic: fix BUG_ON() on Tx pkt alloc failure。 - BUG/MEDIUM:hlua: report proper context upon error in hlua_cli_io_handler_fct()。 - BUG/MEDIUM:stick-table: Decrement the ref count inside lock to kill a session。 - MINOR:activity: make the memory profiling hash size configurable at build time。 - BUG/MEDIUM:h3: ensure the ":method" pseudo header is totally valid。 - BUG/MEDIUM:h3: ensure the ":scheme" pseudo header is totally valid。 - BUG/MEDIUM:quic: fix race-condition in qc_check dcid()。 - BUG/MEDIUM:quic: fix race-condition on trace for CID retrieval。 - BUG/MEDIUM:quic: fix possible exit from qc_check dcid() without unlocking。 - DOC:configuration: more details about the master-worker mode。 - BUG/MEDIUM:jwt: don't try to load files with HMAC algorithm。 - DOC:configuration: update maxconn description。 - BUG/MEDIUM:jwt: fix variable initialisation。 - BUG/MEDIUM:h1: Fail to parse empty transfer coding names。 - BUG/MEDIUM:h1: Reject empty coding name as last transfer-encoding value。 - BUG/MEDIUM:h1: Reject empty Transfer-encoding header。 - BUG/MEDIUM:bwlmin: Be sure to create a SPOE applet if none on the current thread。 - BUG/MEDIUM:session: Eval L4/L5 rules defined in the default section。 - BUG/MEDIUM:debug/cli: fix "show threads" crashing with low thread counts。 - BUG/MEDIUM:ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path。 - BUG/MEDIUM:mux-h2: force a hard error upon short read with pending error。 - DOC:configuration: issuers-chain-path not compatible with OCSP。 - DOC:config: improve the http-keep-alive section。 - BUG/MEDIUM:stick-table: fix crash for src_inc_gpc() without stkcounter。 - BUG/MEDIUM:server: Don't warn fallback IP is used during init-addr resolution。 - BUG/MEDIUM:cli: Atomically inc the global request counter between CLI commands。 - BUG/MEDIUM:quic: Lack of precision when computing K (cubic only cc)。 - BUG/MEDIUM:jwt: Clear SSL error queue on error when checking the signature。 - MINOR:queue: add a function to check for TOCTOU after queueing。 - BUG/MEDIUM:queue: deal with a rare TOCTOU in assign_server_and_queue()。 - MEDIUM:init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)。 - BUG/MEDIUM:init: fix fd_hard_limit default in compute_ideal_maxconn。 - DOC:quic: fix default minimal value for max window size。 - BUG/MEDIUM:mux-h2: Set ES flag when necessary on 0-copy data forwarding。 - BUG/MEDIUM:stream: Prevent mux upgrades if client connection is no longer ready。 - BUG/MEDIUM:mux-pt: Never fully close the connection on shutdown。 - BUG/MEDIUM:cli: Always release back endpoint between two commands on the mcli。 - BUG/MEDIUM:quic: unexploited retransmission cases for Initial pktns。 - BUG/MEDIUM:mux-h2: try to clear DEM_MROOM and MUX_MFULL at more places。 - BUG/MEDIUM:mux-h2: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf。 - BUG/MEDIUM:quic: Too short datagram during 0-RTT handshakes (aws-lc only)。 - BUG/MEDIUM:Crash on 0-RTT RX packet after dropping Initial pktns。 这些信息详细列出了该版本中修复的漏洞和问题,涵盖了多个方面,包括配置、协议、安全性和性能等。