File _patchinfo of Package patchinfo.12370

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.12370

<patchinfo incident="12370">
  <issue tracker="bnc" id="1112438">[TRACKER] FATE #326776 - nodejs10 for W&amp;S module</issue>
  <issue tracker="bnc" id="1125689">nghttp2 mistake in spec file</issue>
  <issue tracker="bnc" id="1134616">nghttp2: fails to build with boost 1.70.0</issue>
  <issue tracker="bnc" id="1146182">VUL-0: CVE-2019-9511: nghttp2: HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially lei</issue>
  <issue tracker="bnc" id="1146184">VUL-1: CVE-2019-9513: nghttp2: HTTP/2 implementation is vulnerable to resource loops, potentially leading to a denial of service.</issue>
  <issue tracker="cve" id="2019-9511"/>
  <issue tracker="cve" id="2019-9513"/>
  <issue tracker="fate" id="326776"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pluskalm</packager>
  <description>This update for nghttp2 fixes the following issues:

Security issues fixed:

- CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service (bsc#1146184).
- CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#11461).

Bug fixes and enhancements:

- Fixed mistake in spec file (bsc#1125689)
- Fixed build issue with boost 1.70.0 (bsc#1134616)
- Feature: Add W&amp;S module (FATE#326776, bsc#1112438)
  </description>
  <summary>Security update for nghttp2</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.12370

Places