[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-29 Thread Launchpad Bug Tracker
This bug was fixed in the package apache2 - 2.4.38-2ubuntu2.2 --- apache2 (2.4.38-2ubuntu2.2) disco-security; urgency=medium * SECURITY UPDATE: HTTP/2 internal data buffering denial of service. - d/p/mod_http2-1.15.4-backport-0004-CVE-2019-9517.patch: improve http/2

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-29 Thread Launchpad Bug Tracker
This bug was fixed in the package apache2 - 2.4.29-1ubuntu4.10 --- apache2 (2.4.29-1ubuntu4.10) bionic-security; urgency=medium * SECURITY UPDATE: HTTP/2 internal data buffering denial of service. - d/p/mod_http2-1.15.4-backport-0004-CVE-2019-9517.patch: improve http/2

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-26 Thread Jose Delarosa
Testing on Bionic, some sanity checking only. Looks good so far. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1840188 Title: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco To manage

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-24 Thread Alex Murray
Any testing which you can give would be great. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1840188 Title: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco To manage notifications about

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-23 Thread Jose Delarosa
Alex, If I can find a suitable test case I'd be happy to test. Or are we talking just general testing? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1840188 Title: Apply fix for CVE-2019-0197 in

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-22 Thread Alex Murray
There is a package in the ubuntu-security-proposed PPA which includes this fix (and some others) for both bionic and disco, any testing which you could provide would be appreciated. https://launchpad.net/~ubuntu- security-proposed/+archive/ubuntu/ppa -- You received this bug notification because

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-16 Thread Christian Ehrhardt 
Hi, this is tracked in https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-0197.html but the priority currently is low. There seems to be all kind of http2 effort right now. I'll ping the security team to be aware of your bug to close it once a fix is released. ** Changed in:

[Bug 1840188] Re: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco

2019-08-15 Thread Hans Joachim Desserud
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-0197 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1840188 Title: Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco To