-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 27 Sep 2024 16:25:38 +0300 Source: nghttp2 Architecture: source Version: 1.52.0-1+deb12u2 Distribution: bookworm Urgency: medium Maintainer: Tomasz Buchert Changed-By: Adrian Bunk Closes: 1068415 Changes: nghttp2 (1.52.0-1+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * CVE-2024-28182: unbounded number of HTTP/2 CONTINUATION frames DoS (Closes: #1068415) * nghttp2_option_set_stream_reset_rate_limit was added in 1.52.0-1+deb12u1, add to debian/libnghttp2-14.symbols Checksums-Sha1: 77adc56fe3c4b03d8ab4a8d3a5b492daf3ebe54b 2541 nghttp2_1.52.0-1+deb12u2.dsc 88b51cc1f474df906ce3c3dc363bdf0cae3d76d0 1064232 nghttp2_1.52.0.orig.tar.gz 1df1e9cb689ef10c1722485a469f849d3885db80 19076 nghttp2_1.52.0-1+deb12u2.debian.tar.xz Checksums-Sha256: 7105204227770127b9b71c01d5554a2b4c735b074e1e69d5c74939b78b9f84c3 2541 nghttp2_1.52.0-1+deb12u2.dsc 6b71561a9950b4a90fa36aa3160763f1437f3730d7a12434e416aa3f4ab145e0 1064232 nghttp2_1.52.0.orig.tar.gz 37335fd2f60de4e4aada982cbe0f6111437bacf16cba055ea535be9dd2df98c7 19076 nghttp2_1.52.0-1+deb12u2.debian.tar.xz Files: 69eb01709616cef0d3a99c424fcc21ca 2541 httpd optional nghttp2_1.52.0-1+deb12u2.dsc 1a6b9d0a167cda033c7525818576dbd7 1064232 httpd optional nghttp2_1.52.0.orig.tar.gz e2c84e257490c104e20e8abe19df5276 19076 httpd optional nghttp2_1.52.0-1+deb12u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmb4NrwACgkQiNJCh6LY mLE+OQ//fH6euelztGks/PQNaSXn8K77xfbx+4UPy+jayDOqnDnD2OlJp6QDTT7a hTmwtpsoYMhqShPy2M/okAzGQeCg1g5OL9T9bJuP9C0bkDd5r6l2S0bTEjeyTsvj Lajq8cV9MEHkyB8sXeEQKYkUou4d2zBTCLO5qAbaUZb4BM9ssLpxuFyqgQ6ylRXz +quL2UZpL7s8TTNejkXOkW931+u9Xy/MmQJcTwYG2S9rrUYP1s4OzEnLOp06aOvH dYSpXvVsCQ1chhNzSW+654QErYqLtmCiir8HKkx4Ak3o/NlgqEN4iMm58MpSYYSN 64angM3Y9cHtaFHJXZWwhbE4KO7lC1jSA4eG2df3iVXYFz0U/lgTTIdXSVIW4Qa0 +7yNXbQTBEMu4A2dptbY0svNC2T86ptdd9yu8hciBs/eREherB7eT0xr38Cm9jG4 2DZ6uODMUeLDu3gHNrdZnXeyH/jfPLc3CgHzgviOveb2VWRP8Tf+juT2yOf5nB5g gjBR44lErvI4j/afA7g6WaWiudRv7MzFoYxhSu+jZyQQKSBX0q6Ih+612dsEnFJf 7nAjihlpeLpowNePLcMRvMfsjwZRZuyGp/nnbhVsfy7f2kWgamR4zNOgptyMtb1U ustD6u7QVhUpwLiXSys7A2UnZyC6OZfrMt1UQmo7qW+93KqQZBA= =GoXX -----END PGP SIGNATURE-----