[Git][security-tracker-team/security-tracker][master] Update some references for CVE-2023-44487
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 18 15:51:15 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
49a2a50d by Salvatore Bonaccorso at 2023-10-18T16:50:42+02:00
Update some references for CVE-2023-44487
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1619,19 +1619,19 @@ CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server resource
- nghttp2 <unfixed> (bug #1053769)
- jetty9 9.4.53-1
- netty <unfixed>
- NOTE: Tomcat: https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49 (10.1.x)
- NOTE: Tomcat: https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a (9.0.x)
+ NOTE: Tomcat: https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49 (10.1.14)
+ NOTE: Tomcat: https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a (9.0.81)
NOTE: ATS: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
- NOTE: ATS: https://github.com/apache/trafficserver/commit/b28ad74f117307e8de206f1de70c3fa716f90682 (9.2.x)
+ NOTE: ATS: https://github.com/apache/trafficserver/commit/b28ad74f117307e8de206f1de70c3fa716f90682 (9.2.3-rc0)
NOTE: h2o: https://github.com/h2o/h2o/commit/28fe15117b909588bf14269a0e1c6ec4548579fe
- NOTE: haproxy: http://git.haproxy.org/?p=haproxy.git;a=commit;h=f210191dc (v1.9-dev1)
- NOTE: nginx: https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
- NOTE: nginx: https://github.com/nginx/nginx/commit/6ceef192e7af1c507826ac38a2d43f08bf265fb9
+ NOTE: haproxy: http://git.haproxy.org/?p=haproxy.git;a=commit;h=f210191dcdf32a2cb263c5bd22b7fc98698ce59a (v1.9-dev1)
NOTE: haproxy: https://www.mail-archive.com/haproxy@formilux.org/msg44134.html
NOTE: haproxy: https://www.mail-archive.com/haproxy@formilux.org/msg44136.html
+ NOTE: nginx: https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
+ NOTE: nginx: https://github.com/nginx/nginx/commit/6ceef192e7af1c507826ac38a2d43f08bf265fb9
NOTE: nghttp2: https://github.com/nghttp2/nghttp2/pull/1961
NOTE: nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
- NOTE: nghttp2: https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832
+ NOTE: nghttp2: https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832 (v1.57.0)
NOTE: jetty9: https://github.com/eclipse/jetty.project/issues/10679
NOTE: jetty9: https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009
NOTE: https://www.openwall.com/lists/oss-security/2023/10/10/6
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49a2a50d34fa487aec20cff01ac312e1d6230290
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49a2a50d34fa487aec20cff01ac312e1d6230290
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231018/45b010d1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list