3rd April 2020

Investigating CVE-2020-11100 about haproxy

We are currently investigating CVE-2020-11100 "haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes". We will keep you informed about our next steps and plan of the roll out of fixes.


Update 2020/04/03 15:25: We will roll out an emergency change to mitigate the issue tonight, at 22:00 CEST.


Update 22:03 CEST: The change has been rolled out to all OpenShift clusters.