Package: haproxy Version: 2.2.9-1 Severity: normal
After installing the version 2.2.9-1 Debian package, the default /etc/haproxy/haproxy.cfg contains an SSL configuration excerpt in the global section which has been generated with: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate ... which seems a little out of date. For 2.2.9 / Bullseye, the URL (and any resulting config lines included in haproyx.cfg) should probably be changed to: https://ssl-config.mozilla.org/#server=haproxy&version=2.2.9&config=intermediate&openssl=1.1.1k Potentially this could impact the security of haproxy configurations if Debian users manually merge the configuration after upgrade, so maybe this would be good to get merge before Bullseye ships. Thanks! Tim.
