[ALSA-2020:2755] Important: nghttp2 security update
Type:
security
Severity:
important
Release date:
2020-06-25
Description:
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages:
  • libnghttp2-1.33.0-3.el8_2.1.i686.rpm
  • libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm
  • libnghttp2-devel-1.33.0-3.el8_2.1.i686.rpm
  • libnghttp2-devel-1.33.0-3.el8_2.1.x86_64.rpm
  • nghttp2-1.33.0-3.el8_2.1.x86_64.rpm
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.