ELSA-2020-2755

ELSA-2020-2755 - nghttp2 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2020-07-06

Description


[1.33.0-3.el8_2.1]
- prevent DoS caused by overly large SETTINGS frames (CVE-2020-11080)

[1.33.0-3]
- rebuild to trigger gating (#1681044)

[1.33.0-2]
- backport security fixes from nghttp2-1.39.2 (CVE-2019-9511 and CVE-2019-9513)


Related CVEs


CVE-2020-11080

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_baseos_developer
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_baseos_latest
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_codeready_builder
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_codeready_builder_developer
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u2_baseos_patch
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u3_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u4_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u5_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u6_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u7_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_aarch64_u8_baseos_base
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_baseos_developer
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_baseos_latest
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u2_baseos_patch
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u3_baseos_base
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u4_baseos_base
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u5_baseos_base
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u6_baseos_base
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u7_baseos_base
libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm3ea7813e39ad26979d210e70d5d81937a3b2caae6710e322579128b57941ceb8-ol8_aarch64_u8_baseos_base
libnghttp2-devel-1.33.0-3.el8_2.1.aarch64.rpmae020574f3e51e7a6680409e5b38459d63024ab30923c170e926900f1028ede5-ol8_aarch64_codeready_builder
libnghttp2-devel-1.33.0-3.el8_2.1.aarch64.rpmae020574f3e51e7a6680409e5b38459d63024ab30923c170e926900f1028ede5-ol8_aarch64_codeready_builder_developer
nghttp2-1.33.0-3.el8_2.1.aarch64.rpmd2a3cc13e4c3de2d6a5c757ed6f48d4b05ad9746f89f735338c5a347f390304f-ol8_aarch64_codeready_builder
nghttp2-1.33.0-3.el8_2.1.aarch64.rpmd2a3cc13e4c3de2d6a5c757ed6f48d4b05ad9746f89f735338c5a347f390304f-ol8_aarch64_codeready_builder_developer
Oracle Linux 8 (x86_64) nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_baseos_developer
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_baseos_latest
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_codeready_builder
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_codeready_builder_developer
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u2_baseos_patch
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u3_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u4_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u5_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u6_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u7_baseos_base
nghttp2-1.33.0-3.el8_2.1.src.rpm1c212218f3ac3ce54f78b5e7596a3695fad2cded596051623d3edb75a14c96c8-ol8_x86_64_u8_baseos_base
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_baseos_developer
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_baseos_latest
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u2_baseos_patch
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u3_baseos_base
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u4_baseos_base
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u5_baseos_base
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u6_baseos_base
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u7_baseos_base
libnghttp2-1.33.0-3.el8_2.1.i686.rpmd4282d10a9e0026d07dbf3661f7a6f2b9d14eb32d5ee09a823e7b2de1a8bcf95-ol8_x86_64_u8_baseos_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.0.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.1.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.2.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.3.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.4.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.5.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.6.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-exadata_dbserver_23.1.7.0.0_x86_64_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_baseos_developer
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_baseos_latest
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u2_baseos_patch
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u3_baseos_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u4_baseos_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u5_baseos_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u6_baseos_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u7_baseos_base
libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm4ad69454786fd9893c404747e983e6ceeaa2759967b0f19946b7b1e10cd13463-ol8_x86_64_u8_baseos_base
libnghttp2-devel-1.33.0-3.el8_2.1.i686.rpm82fce98fd610e30b0e61ce44aa901b3741dc224f8322edc667337b552ac6aa0b-ol8_x86_64_codeready_builder
libnghttp2-devel-1.33.0-3.el8_2.1.i686.rpm82fce98fd610e30b0e61ce44aa901b3741dc224f8322edc667337b552ac6aa0b-ol8_x86_64_codeready_builder_developer
libnghttp2-devel-1.33.0-3.el8_2.1.x86_64.rpmd93cbe58d1cb401d4698f8d59cbfbbc27c4de22b36f8a51580a5209910cf47b7-ol8_x86_64_codeready_builder
libnghttp2-devel-1.33.0-3.el8_2.1.x86_64.rpmd93cbe58d1cb401d4698f8d59cbfbbc27c4de22b36f8a51580a5209910cf47b7-ol8_x86_64_codeready_builder_developer
nghttp2-1.33.0-3.el8_2.1.x86_64.rpm8efee75cf50e614197bd581a99db856ed239c49e6716ce2fd51ea00c637b2336-ol8_x86_64_codeready_builder
nghttp2-1.33.0-3.el8_2.1.x86_64.rpm8efee75cf50e614197bd581a99db856ed239c49e6716ce2fd51ea00c637b2336-ol8_x86_64_codeready_builder_developer



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete