mirror/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git synced 2026-02-04 21:23:31 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6995fe60c32726830786be229c0531ce5fe531ae
haproxy/doc
History
William Lallemand 6995fe60c3 MINOR: ssl: allow to disable certificate compression 
This option allows to disable the certificate compression (RFC 8879)
using OpenSSL >= 3.2.0.

This feature is known to permit some denial of services by causing extra
memory allocations of approximately 22MiB and extra CPU work per
connection with OpenSSL versions affected by CVE-2025-66199.
( https://openssl-library.org/news/vulnerabilities/index.html#CVE-2025-66199 )

Setting this to "off" permits to mitigate the problem.

Must be backported to every stable branches.
2026-01-27 16:10:41 +01:00
..
design-thoughts
internals
DOC: fix typos in the documentation files
2026-01-20 08:15:28 +01:00
lua-api
51Degrees-device-detection.txt
acl.fig
coding-style.txt
DOC: fix typos in the documentation files
2026-01-20 08:15:28 +01:00
configuration.txt
MINOR: ssl: allow to disable certificate compression
2026-01-27 16:10:41 +01:00
cookie-options.txt
DeviceAtlas-device-detection.txt
gpl.txt
haproxy.1
HAProxyCommunityEdition_60px.png
intro.txt
DOC: fix typos in the documentation files
2026-01-20 08:15:28 +01:00
lgpl.txt
linux-syn-cookies.txt
lua.txt
management.txt
DOC: fix mismatched quotes typos around words in the documentation files
2026-01-20 08:15:41 +01:00
netscaler-client-ip-insertion-protocol.txt
network-namespaces.txt
peers-v2.0.txt
peers.txt
CLEANUP: assorted typo fixes in the code and comments
2022-12-07 09:08:18 +01:00
proxy-protocol.txt
DOC: proxy-protocol: Add SSL client certificate TLV
2026-01-20 08:11:19 +01:00
queuing.fig
regression-testing.txt
DOC: reg-tests: update VTest upstream link in the starting guide
2026-01-26 13:56:13 +01:00
seamless_reload.txt
SOCKS4.protocol.txt
SPOE.txt
WURFL-device-detection.txt