-
nghttp2 (1.55.1-1ubuntu0.2) mantic-security; urgency=medium
* SECURITY UPDATE: HTTP/2 protocol denial of service
- debian/patches/CVE-2024-28182-1.patch: Add
nghttp2_option_set_max_continuations
- debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
following an incoming HEADER frame
- CVE-2024-28182
-- Fabian Toepfer <email address hidden> Wed, 17 Apr 2024 16:45:46 +0200
-
nghttp2 (1.55.1-1ubuntu0.1) mantic-security; urgency=medium
* SECURITY UPDATE: HTTP/2 protocol denial of service
- debian/patches/CVE-2023-44487.patch: implement stream reset rate
limiting.
- CVE-2023-44487
-- Marc Deslauriers <email address hidden> Wed, 11 Oct 2023 10:53:10 -0400
-
nghttp2 (1.55.1-1) unstable; urgency=medium
* New upstream version 1.55.1 (1.55.0 skipped intentionally)
-- Tomasz Buchert <email address hidden> Wed, 19 Jul 2023 08:03:17 +0200
-
nghttp2 (1.54.0-1) unstable; urgency=medium
* New upstream vesion 1.54.0
-- Tomasz Buchert <email address hidden> Sat, 10 Jun 2023 09:25:26 +0200
-
nghttp2 (1.53.0-1) unstable; urgency=medium
* New upstream version 1.53.9
-- Tomasz Buchert <email address hidden> Sun, 21 May 2023 15:46:26 +0200
-
nghttp2 (1.52.0-1) unstable; urgency=medium
* New upstream release 1.52.0
* Update standards version to 4.6.2, no changes needed.
-- Tomasz Buchert <email address hidden> Mon, 20 Feb 2023 19:18:10 +0100