Comment 2 for bug 1687454

The only issue I see is not a blocker, but should probably be fixed:
I: libnghttp2-14: hardening-no-bindnow usr/lib/x86_64-linux-gnu/libnghttp2.so.14.13.3

Otherwise, since this is meant to support a reverse proxy, it should get a review by the Security Team. Reverse proxies are often security-sensitive, even if there is no CVE I could find in mitre.