Bug#1068415: nghttp2: CVE-2024-28182: Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-30 Thread Guilhem Moulin
Hi Tomasz,

On Fri, 5 Apr 2024 at 01:11:41 +0200, Tomasz Buchert wrote:
> Looking into older versions and appropriately patching them will take
> more time.

I'm preparing an update for this issue for Buster LTS and can hand tested debdiffs over to the Security Team for newer suites if you'd like.

Bug#1068415: nghttp2: CVE-2024-28182: Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-04 Thread Tomasz Buchert
On 04/04/24 21:36, Salvatore Bonaccorso wrote:
> Source: nghttp2
> Version: 1.60.0-1
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>
>
> Hi,
>
> The following vulnerability was published for nghttp2.
>
>

Bug#1068415: nghttp2: CVE-2024-28182: Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-04 Thread Salvatore Bonaccorso
Source: nghttp2
Version: 1.60.0-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team

Hi,

The following vulnerability was published for nghttp2.

CVE-2024-28182[0]:
| nghttp2 is an implementation of the Hypertext