commit | c0201c74b6821030cb1cd4260b5ef69c6fc0ac33 | [log] [tgz] |
---|---|---|
author | Peter Korsgaard <peter@korsgaard.com> | Thu Sep 12 21:43:53 2019 +0200 |
committer | Jan Kundrát <jan.kundrat@cesnet.cz> | Thu Oct 10 17:11:50 2019 +0200 |
tree | a68408f74f066be52b9f1dedb483e439ff60d97e | |
parent | baf130146af06d9f21333169b6dafe76a79e7b4d [diff] |
package/nghttp2: security bump to version 1.39.2 Fixes the following security issues: CVE-2019-9511: Data Dribble CVE-2019-9513: Resource Loop For details, see the advisory: https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/ Notice that libnghttp2 itself is not affected by these vulnerabilities, only nghttpx and nghttpd (which are currently not built). Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>