-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3898-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 27, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : nghttp2 Version : 1.43.0-1+deb11u2 CVE ID : CVE-2024-28182 Debian Bug : 1068415 Unbounded number of HTTP/2 CONTINUATION frames that could cause DoS was fixed in nghttp2, an implementation of HTTP/2. For Debian 11 bullseye, this problem has been fixed in version 1.43.0-1+deb11u2. We recommend that you upgrade your nghttp2 packages. For the detailed security status of nghttp2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nghttp2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmb2wm4ACgkQiNJCh6LY mLHqXg/8DQbqLkQ6tzgznSlmyEo2HaEc2O1Tx/fO+wBYTxZLCPuIy3v+XlPyCnuJ jkyFYt8+M7zzxm1eW7zNyJv2C7INqzILjpWwagBio5NBsQazEHEWIj7mwsYYcOor JwszI78DpGiW3wiVh+ENI95CuD3cbeZD8aqdiwpuBOd1T/oGlizG1sl6npeVJ9/c DARMQVeZk5IUAeXuA7JtEecX0l+p3Os5vKgUx6184Zigxt+lcYopGg4IX5o5CY2V lnMmmGCFVIB+7bHVdximzuYOFrUb+iQx//I//8PF5MQ70IKeqOcpe+qS7NAQE/eb R2A9pWp9KzWusmEsVXxX/5TeAx1YSvk041J2Xthb9PQWYIMztM9HASdcm4U1KHr3 GWUZyhHwmcXIk7JlOK+hZjODPkCQEeHLI/v/UDqPmuxN3Wc7BYUuLLl9ZkjErQzU ztAWJDSoBwwbZ2iehhlQMjZrT32ITSW91YAKKt8hcORYXN91/J9QG8dHt/zqFO3e O8ciYHJR4qlDrx1ROC7oefqBV8VkQGZps3WegsB104712aZ168YMt7zmFxCgGvEH i773kowq2jCq5Kn3qmfZ+Uk4lOQ0Qs3ZtIaegbnnlVRxkEQVMAStf8sIfRVEvHEN GShS4LeSXMumZxDU9QntJlqFLM0O/rBVtM0hhLpw/xOU+t1w9bI= =lFpV -----END PGP SIGNATURE-----
