This bug was fixed in the package apache2 - 2.4.38-2ubuntu2.2
---
apache2 (2.4.38-2ubuntu2.2) disco-security; urgency=medium
* SECURITY UPDATE: HTTP/2 internal data buffering denial of service.
- d/p/mod_http2-1.15.4-backport-0004-CVE-2019-9517.patch: improve
http/2
This bug was fixed in the package apache2 - 2.4.29-1ubuntu4.10
---
apache2 (2.4.29-1ubuntu4.10) bionic-security; urgency=medium
* SECURITY UPDATE: HTTP/2 internal data buffering denial of service.
- d/p/mod_http2-1.15.4-backport-0004-CVE-2019-9517.patch: improve
http/2
Testing on Bionic, some sanity checking only. Looks good so far.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1840188
Title:
Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco
To manage
Any testing which you can give would be great.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1840188
Title:
Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco
To manage notifications about
Alex,
If I can find a suitable test case I'd be happy to test. Or are we
talking just general testing?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1840188
Title:
Apply fix for CVE-2019-0197 in
There is a package in the ubuntu-security-proposed PPA which includes
this fix (and some others) for both bionic and disco, any testing which
you could provide would be appreciated. https://launchpad.net/~ubuntu-
security-proposed/+archive/ubuntu/ppa
--
You received this bug notification because
Hi,
this is tracked in
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-0197.html
but the priority currently is low.
There seems to be all kind of http2 effort right now.
I'll ping the security team to be aware of your bug to close it once a fix is
released.
** Changed in:
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-0197
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1840188
Title:
Apply fix for CVE-2019-0197 in v2.4.29 in Bionic and Disco
To