On Sat, Jan 25, 2020 at 02:39:04PM +0100, Vincent Bernat wrote: > Package: release.debian.org > Severity: normal > Tags: buster > User: release.debian....@packages.debian.org > Usertags: pu > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hey! > > The logrotate configuration file for HAProxy doesn't signal rsyslog > correctly. Therefore, logs are not really rotated and on a moderately > busy site, this can fill up a log partition. When running with > systemd, rsyslog doesn't write a PID file and there fore, the SysV > init script invoked to rotate logs does not work. Instead, rsyslog > package provides an helper for this purpose. > > The change has been applied to 2.0.12-1 currently in unstable and > testing. I would like to push it for the next point release next week.
If we're doing a Buster update anyway, could we also piggyback the fix for https://nathandavison.com/blog/haproxy-http-request-smuggling (CVE-2019-18277), https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581 ? Cheers, Moritz