Univention Bugzilla – Bug 56740
nghttp2: Multiple issues (5.0)
Last modified: 2023-10-18 16:20:33 CEST
New Debian nghttp2 1.36.0-2+deb10u2 fixes: This update addresses the following issues: 1.36.0-2+deb10u2 (Mon, 16 Oct 2023 13:34:24 +0100) * Non-maintainer upload by the LTS Security Team. * Backport upstream fixes for CVE-2020-11080. * Backport upstream fix for CVE-2023-44487. * Add three new symbols from backported fixes to libnghttp2-14.symbols.
--- mirror/ftp/pool/main/n/nghttp2/nghttp2_1.36.0-2+deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-5/source/nghttp2_1.36.0-2+deb10u2.dsc @@ -1,3 +1,10 @@ +1.36.0-2+deb10u2 [Mon, 16 Oct 2023 13:34:24 +0100] Sean Whitton <spwhitton@spwhitton.name>: + + * Non-maintainer upload by the LTS Security Team. + * Backport upstream fixes for CVE-2020-11080 (Closes: #962145). + * Backport upstream fix for CVE-2023-44487 (Closes: #1053769). + * Add three new symbols from backported fixes to libnghttp2-14.symbols. + 1.36.0-2+deb10u1 [Fri, 23 Aug 2019 17:52:43 +0200] Tomasz Buchert <tomasz@debian.org>: * Fix CVE-2019-9511 and CVE-2019-9513. <http://piuparts.knut.univention.de/5.0-5/#2335422294993604596>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-5] d3c5411d7b Bug #56740: nghttp2 1.36.0-2+deb10u2 doc/errata/staging/nghttp2.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) [5.0-5] 1561737409 Bug #56740: nghttp2 1.36.0-2+deb10u2 doc/errata/staging/nghttp2.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x843>