ELSA-2023-5837

ULN >
Oracle Linux Errata repository >
ELSA-2023-5837

ELSA-2023-5837 - nghttp2 security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-10-19

Description

[1.33.0-5]
- fix HTTP/2 Rapid Reset (CVE-2023-44487)

[1.33.0-4]
- prevent DoS caused by overly large SETTINGS frames (CVE-2020-11080)

Related CVEs

CVE-2023-44487

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	nghttp2-1.33.0-5.el8_8.src.rpm	4638a9f73fd128dcf86390b7fd425901	-	ol8_aarch64_baseos_latest
	nghttp2-1.33.0-5.el8_8.src.rpm	4638a9f73fd128dcf86390b7fd425901	-	ol8_aarch64_codeready_builder
	nghttp2-1.33.0-5.el8_8.src.rpm	4638a9f73fd128dcf86390b7fd425901	-	ol8_aarch64_u8_baseos_patch
	libnghttp2-1.33.0-5.el8_8.aarch64.rpm	97705394434f74765cc58f9029755d0f	-	ol8_aarch64_baseos_latest
	libnghttp2-1.33.0-5.el8_8.aarch64.rpm	97705394434f74765cc58f9029755d0f	-	ol8_aarch64_u8_baseos_patch
	libnghttp2-devel-1.33.0-5.el8_8.aarch64.rpm	8439d095cf0085e6c0512fe8a6c7968b	-	ol8_aarch64_codeready_builder
	nghttp2-1.33.0-5.el8_8.aarch64.rpm	b7cc2cd871824288842602119e01106d	-	ol8_aarch64_codeready_builder

Oracle Linux 8 (x86_64)	nghttp2-1.33.0-5.el8_8.src.rpm	4638a9f73fd128dcf86390b7fd425901	-	ol8_x86_64_baseos_latest
	nghttp2-1.33.0-5.el8_8.src.rpm	4638a9f73fd128dcf86390b7fd425901	-	ol8_x86_64_codeready_builder
	nghttp2-1.33.0-5.el8_8.src.rpm	4638a9f73fd128dcf86390b7fd425901	-	ol8_x86_64_u8_baseos_patch
	libnghttp2-1.33.0-5.el8_8.i686.rpm	d68ca3cd7fd12a959b7fe4dc7cd1d273	-	ol8_x86_64_baseos_latest
	libnghttp2-1.33.0-5.el8_8.i686.rpm	d68ca3cd7fd12a959b7fe4dc7cd1d273	-	ol8_x86_64_u8_baseos_patch
	libnghttp2-1.33.0-5.el8_8.x86_64.rpm	50751adbcd088ea44b7a811ee539108e	-	ol8_x86_64_baseos_latest
	libnghttp2-1.33.0-5.el8_8.x86_64.rpm	50751adbcd088ea44b7a811ee539108e	-	ol8_x86_64_u8_baseos_patch
	libnghttp2-devel-1.33.0-5.el8_8.i686.rpm	dcbb91ee116fca2977da189b65c6d1f3	-	ol8_x86_64_codeready_builder
	libnghttp2-devel-1.33.0-5.el8_8.x86_64.rpm	9a6304af701ab792f2286db57dcd5ced	-	ol8_x86_64_codeready_builder
	nghttp2-1.33.0-5.el8_8.x86_64.rpm	bb08b3dc71293c0a2588d9441a93bbac	-	ol8_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691