Subscribe to our blog

What customers of Red Hat OpenShift hosted services should know about the April 2020 HAProxy HTTP/2 flaws

April 3, 2020Bill Montgomery
Hybrid cloud Security 

Tags:Topics

developer-working-on-computer

On April 2, 2020, details were made public about a security flaw that impacts systems running the HAProxy component when HTTP/2 support is enabled. Before the flaws were publicly disclosed, Red Hat worked to determine the impact to our customers for hosted services that use HAProxy - including OpenShift Dedicated, OpenShift Online, and Azure Red Hat OpenShift. We have verified that none of these managed services are using the vulnerable HAProxy configuration. 

For more information on this vulnerability, see CVE-2020-11100 and Red Hat’s vulnerability article

Questions about the vulnerability can be asked via Red Hat Support. For questions about how this vulnerability affects Azure Red Hat OpenShift, please contact Microsoft Support.

Red Hat OpenShift SRE Security Team

About the author

Bill Montgomery

UI_Icon-Red_Hat-Close-A-Black-RGB

More like this

Blog post

Data resiliency: 5 features of Portworx with Red Hat OpenShift Service on AWS

Blog post

Running the Leapp pre-upgrade analysis - Take the unknowns out of your next RHEL upgrade

Original shows

Technically Speaking | Episode 22 | A new software supply chain security recipe

Original shows

Technically Speaking | Episode 18 | WebAssembly breaks away from the browser

Browse by channel

Explore all channels
automation icon

Automation

The latest on IT automation that spans tech, teams, and environments
AI icon

Artificial intelligence

Explore the platforms and partners building a faster path for AI
open hybrid cloud icon

Open hybrid cloud

Explore how we build a more flexible future with hybrid cloud
security icon

Security

Explore how we reduce risks across environments and technologies
edge icon

Edge computing

Updates on the solutions that simplify infrastructure at the edge
Infrastructure icon

Infrastructure

Stay up to date on the world’s leading enterprise Linux platform
application development icon

Applications

The latest on our solutions to the toughest application challenges
Original series icon

Original shows

Entertaining stories from the makers and leaders in enterprise tech