-
nghttp2 (1.59.0-1ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: HTTP/2 protocol denial of service
- debian/patches/CVE-2024-28182-1.patch: Add
nghttp2_option_set_max_continuations
- debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
following an incoming HEADER frame
- CVE-2024-28182
-- Fabian Toepfer <email address hidden> Mon, 06 May 2024 18:02:10 +0200
-
nghttp2 (1.59.0-1build4) noble; urgency=medium
* No-change rebuild for c-ares t64.
-- Matthias Klose <email address hidden> Tue, 16 Apr 2024 11:56:06 +0200
-
nghttp2 (1.59.0-1build3) noble; urgency=medium
* No-change rebuild against libssl3t64.
-- Colin Watson <email address hidden> Mon, 15 Apr 2024 13:36:00 +0100
-
nghttp2 (1.59.0-1build2) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <email address hidden> Sun, 31 Mar 2024 02:40:16 +0000
-
nghttp2 (1.59.0-1build1) noble; urgency=medium
* No-change rebuild against libssl3t64
-- Steve Langasek <email address hidden> Mon, 04 Mar 2024 20:09:01 +0000
-
nghttp2 (1.59.0-1) unstable; urgency=medium
* New upstream version 1.59.0
-- Tomasz Buchert <email address hidden> Thu, 01 Feb 2024 23:43:52 +0100
-
nghttp2 (1.58.0-1) unstable; urgency=medium
* New upstream version 1.58.0
-- Tomasz Buchert <email address hidden> Sat, 04 Nov 2023 23:21:22 +0100
-
nghttp2 (1.57.0-1) unstable; urgency=medium
* New upstream version 1.57.0
* Fixes HTTP/2 Rapid Reset advisory
-- Tomasz Buchert <email address hidden> Thu, 12 Oct 2023 23:19:30 +0200
-
nghttp2 (1.55.1-1) unstable; urgency=medium
* New upstream version 1.55.1 (1.55.0 skipped intentionally)
-- Tomasz Buchert <email address hidden> Wed, 19 Jul 2023 08:03:17 +0200