ELSA-2020-2755

ULN >
Oracle Linux Errata repository >
ELSA-2020-2755

ELSA-2020-2755 - nghttp2 security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2020-07-06

Description

[1.33.0-3.el8_2.1]
- prevent DoS caused by overly large SETTINGS frames (CVE-2020-11080)

[1.33.0-3]
- rebuild to trigger gating (#1681044)

[1.33.0-2]
- backport security fixes from nghttp2-1.39.2 (CVE-2019-9511 and CVE-2019-9513)

Related CVEs

CVE-2020-11080

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	nghttp2-1.33.0-3.el8_2.1.src.rpm	85ed4d1c32ae1f82c4a6b8597e85df27	-
	libnghttp2-1.33.0-3.el8_2.1.aarch64.rpm	1de65643f7ff8dc5f2e4352bc8efe036	-
	libnghttp2-devel-1.33.0-3.el8_2.1.aarch64.rpm	5aac99013731402f1074e4695aaa525a	-
	nghttp2-1.33.0-3.el8_2.1.aarch64.rpm	c373574816910c5eb38c47b1d7e45d34	-

Oracle Linux 8 (x86_64)	nghttp2-1.33.0-3.el8_2.1.src.rpm	85ed4d1c32ae1f82c4a6b8597e85df27	-
	libnghttp2-1.33.0-3.el8_2.1.i686.rpm	8719c24a357a42f07f20cd6b4aecf99a	-
	libnghttp2-1.33.0-3.el8_2.1.x86_64.rpm	886fa4ea476cbc3f262e34bf73665ca6	-
	libnghttp2-devel-1.33.0-3.el8_2.1.i686.rpm	9c0b8c5d49d07fa94654e4d3ad6a859b	-
	libnghttp2-devel-1.33.0-3.el8_2.1.x86_64.rpm	552e3540bbb87c09237afb7c4b4b5693	-
	nghttp2-1.33.0-3.el8_2.1.x86_64.rpm	cee102edb61ed659eee289afbefb2e6c	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691