Tags: security upstream
The following vulnerabilities were published for hhvm, filling a bug
for both in one to keep track of the fixes.
|denial-of-service issue in the Proxygen handling of invalid HTTP2
|ability to override global variables and members of $GLOBALS via file
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see: