[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2019:2473-1 -- SLES nghttp2, libnghttp2-14, libnghttp2-devel, libnghttp2_asio-devel, libnghttp2_asio1

ID: oval:org.secpod.oval:def:89050643Date: (C)2023-10-16   (M)2024-04-17
Class: PATCHFamily: unix




This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service . - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service . Bug fixes and enhancements: - Fixed mistake in spec file - Fixed build issue with boost 1.70.0 - Feature: Add WS module

Platform:
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Desktop 15
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise Server 15 SP1
Product:
nghttp2
libnghttp2-14
libnghttp2-devel
libnghttp2_asio-devel
libnghttp2_asio1
Reference:
SUSE-SU-2019:2473-1
CVE-2019-9511
CVE-2019-9513
CVE    2
CVE-2019-9511
CVE-2019-9513
CPE    7
cpe:/o:suse:suse_linux_enterprise_server:15
cpe:/a:libnghttp2:libnghttp2-devel
cpe:/o:suse:suse_linux_enterprise_server:15:sp1
cpe:/a:libnghttp2:libnghttp2-14
...

© SecPod Technologies