ELSA-2020-0708

ULN >
Oracle Linux Errata repository >
ELSA-2020-0708

ELSA-2020-0708 - http-parser security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-03-06

Description

[2.8.0-5.2]
- Do not break ABI with CVE-2019-15605 fix

[2.8.0-5.1]
- Resolves: CVE-2019-15605 http-parser: nodejs: HTTP request
smuggling using malformed Transfer-Encoding header

Related CVEs

CVE-2019-15605

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	http-parser-2.8.0-5.el8_1.2.src.rpm	0ea2323ce11d8ececbbcb70751a955c4a139cf234f7b64e3f7f278137f6787e6	-	ol8_aarch64_appstream
	http-parser-2.8.0-5.el8_1.2.aarch64.rpm	f009648bf339abe3d7b64d314e5f05d3b79111e135c8eca4ae1674420617935a	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	http-parser-2.8.0-5.el8_1.2.src.rpm	0ea2323ce11d8ececbbcb70751a955c4a139cf234f7b64e3f7f278137f6787e6	-	ol8_x86_64_appstream
	http-parser-2.8.0-5.el8_1.2.i686.rpm	f0cdd6c14ec519b12e05172a9322bed5baa5462b57feadb4937898581c53a961	-	ol8_x86_64_appstream
	http-parser-2.8.0-5.el8_1.2.x86_64.rpm	3c9e4cdead33c47b719d893e829c00a033227295357a5ee505b6aba3960fdc32	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691