Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c3088018 by Moritz Muehlenhoff at 2024-01-22T13:03:31+01:00
new rust-h2 issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -333851,6 +333851,7 @@ CVE-2019-9514 (Some HTTP/2 implementations are
vulnerable to a reset flood, pote
[jessie] - nodejs <not-affected> (No HTTP2 support yet)
- trafficserver 8.0.5+ds-1 (bug #934887)
- h2o 2.2.5+dfsg2-3 (bug #934886)
+ - rust-h2 <unfixed>
NOTE: Issue: https://github.com/golang/go/issues/33606
NOTE:
https://github.com/golang/go/commit/e152b01a468a1c18a290bf9aec52ccea7693c7f2
(golang-1.11)
NOTE:
https://github.com/golang/go/commit/7139b45d1410ded14e1e131151fd8dfc435ede6c
(golang-1.12)
@@ -333859,6 +333860,8 @@ CVE-2019-9514 (Some HTTP/2 implementations are
vulnerable to a reset flood, pote
NOTE:
https://raw.githubusercontent.com/apache/trafficserver/8.0.x/CHANGELOG-8.0.4
NOTE: https://github.com/h2o/h2o/issues/2090
NOTE:
https://github.com/h2o/h2o/commit/743d6b6118c29b75d0b84ef7950a2721c32dfe3f
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0003.html
+ NOTE: https://github.com/hyperium/h2/pull/737
CVE-2019-9513 (Some HTTP/2 implementations are vulnerable to resource loops,
potentia ...)
{DSA-4669-1 DSA-4511-1 DSA-4505-1}
- nginx 1.14.2-3 (bug #935037)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c308801813214906a4066d5225c029a7ad300505
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c308801813214906a4066d5225c029a7ad300505
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
