[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20190901210806.6rdg4qq5u5xs3ysv@seger.debian.org>
Date: Sun, 1 Sep 2019 21:08:06 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4511-1] nghttp2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4511-1 security@...ian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 01, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : nghttp2
CVE ID : CVE-2019-9511 CVE-2019-9513
Two vulnerabilities were discovered in the HTTP/2 code of the nghttp2
HTTP server, which could result in denial of service.
For the oldstable distribution (stretch), these problems have been fixed
in version 1.18.1-1+deb9u1.
For the stable distribution (buster), these problems have been fixed in
version 1.36.0-2+deb10u1.
We recommend that you upgrade your nghttp2 packages.
For the detailed security status of nghttp2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nghttp2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1sMs8ACgkQEMKTtsN8
Tjb8Uw//S/tOXQZwAiYCUe3tC+Uc/Zz3FpbSoC73Edn/zShG5PWuACth3NDbBhZI
Ye7o8jMxvsJ1J/McekMPqT8eD5D+HxrQJAkZzvyquVKhxhgHB4onmqOn6/kMiuFp
sdUhBh+Kyiwr0ix2uph92KxggC+jq65RbvSWFFP0CXQJ2Ua0929JJQfkv76Wk1nD
bWd2Pw0maSiXTagShhWqCkBgZo5swMIx2uHvixlFe75FnERnwu3JhKHL4R90r3dq
rqItD3BDWXa2l8UNjPj7W7Nf01UxZSPl+GCOR+qDX0LDghy1M9GOz9u8qq+argca
foHTJPPibbG3DYsOg5BrQkQE9LiRZmezhG13hkIEN25cKDyZo2gxCZ597MSfjzgf
6VLTFRbd2cLmK0iilXa6OtL3Rm3wTTgSjhZ5wjSgbPddpHnso//AeFpSyCyIIDWL
VHlB44ehulQljfYxH0iLH8cy9MtEDk5zhOh9ziFjnzDtx5JX7l/5D8LLOGHZj67O
TH0VNXYmKvt/x9ROi3G9+1XweYM8rYIwxQlBIVASQtlSfqqYCOX5LjJkSuBQhk8D
nsGr1umNZ8hdDc4dfZQiD/Trwo99/3HuPdmEt5jwfunocygMyv9+yLfB+J3H+AS/
5epPIGh/E96OLBqPwWUryVX3xx8JiEaHvxPFIDLzZyRYSjQaSXo=
=FvKi
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists