ELSA-2023-5837

ELSA-2023-5837 - nghttp2 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2023-10-19

Description


[1.33.0-5]
- fix HTTP/2 Rapid Reset (CVE-2023-44487)

[1.33.0-4]
- prevent DoS caused by overly large SETTINGS frames (CVE-2020-11080)


Related CVEs


CVE-2023-44487

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) nghttp2-1.33.0-5.el8_8.src.rpm9ba5b8089dfe8ce53fee50fd31b2fe94f979491b4cd08ad80a60beea07859e88-ol8_aarch64_baseos_latest
nghttp2-1.33.0-5.el8_8.src.rpm9ba5b8089dfe8ce53fee50fd31b2fe94f979491b4cd08ad80a60beea07859e88-ol8_aarch64_codeready_builder
nghttp2-1.33.0-5.el8_8.src.rpm9ba5b8089dfe8ce53fee50fd31b2fe94f979491b4cd08ad80a60beea07859e88-ol8_aarch64_u8_baseos_patch
libnghttp2-1.33.0-5.el8_8.aarch64.rpm3518fb00f147b0f9ab34d9189d15c7d014038e1c7236742d882c23cecea70e51-ol8_aarch64_baseos_latest
libnghttp2-1.33.0-5.el8_8.aarch64.rpm3518fb00f147b0f9ab34d9189d15c7d014038e1c7236742d882c23cecea70e51-ol8_aarch64_u8_baseos_patch
libnghttp2-devel-1.33.0-5.el8_8.aarch64.rpm87428f941de6d6d4c8101f6e3e2b171fd67cffc1137fd64c6582b8646ebcf603-ol8_aarch64_codeready_builder
nghttp2-1.33.0-5.el8_8.aarch64.rpm0e5e39b5f329db7c91553f77ab5fca478cb59aa115c5329a2bf939a7d863f19e-ol8_aarch64_codeready_builder
Oracle Linux 8 (x86_64) nghttp2-1.33.0-5.el8_8.src.rpm9ba5b8089dfe8ce53fee50fd31b2fe94f979491b4cd08ad80a60beea07859e88-ol8_x86_64_baseos_latest
nghttp2-1.33.0-5.el8_8.src.rpm9ba5b8089dfe8ce53fee50fd31b2fe94f979491b4cd08ad80a60beea07859e88-ol8_x86_64_codeready_builder
nghttp2-1.33.0-5.el8_8.src.rpm9ba5b8089dfe8ce53fee50fd31b2fe94f979491b4cd08ad80a60beea07859e88-ol8_x86_64_u8_baseos_patch
libnghttp2-1.33.0-5.el8_8.i686.rpm51c6fd43d36f4a4217b943d98c64707e0a221d7e465fe389bfb4cdeb48de11e1-ol8_x86_64_baseos_latest
libnghttp2-1.33.0-5.el8_8.i686.rpm51c6fd43d36f4a4217b943d98c64707e0a221d7e465fe389bfb4cdeb48de11e1-ol8_x86_64_u8_baseos_patch
libnghttp2-1.33.0-5.el8_8.x86_64.rpmdb43971701d6dfc32543f8ee08ef2a187c85427ea38aca059c3291b58393c591-exadata_dbserver_23.1.8.0.0_x86_64_base
libnghttp2-1.33.0-5.el8_8.x86_64.rpmdb43971701d6dfc32543f8ee08ef2a187c85427ea38aca059c3291b58393c591-exadata_dbserver_23.1.9.0.0_x86_64_base
libnghttp2-1.33.0-5.el8_8.x86_64.rpmdb43971701d6dfc32543f8ee08ef2a187c85427ea38aca059c3291b58393c591-exadata_dbserver_24.1.0.0.0_x86_64_base
libnghttp2-1.33.0-5.el8_8.x86_64.rpmdb43971701d6dfc32543f8ee08ef2a187c85427ea38aca059c3291b58393c591-exadata_dbserver_24.1.1.0.0_x86_64_base
libnghttp2-1.33.0-5.el8_8.x86_64.rpmdb43971701d6dfc32543f8ee08ef2a187c85427ea38aca059c3291b58393c591-ol8_x86_64_baseos_latest
libnghttp2-1.33.0-5.el8_8.x86_64.rpmdb43971701d6dfc32543f8ee08ef2a187c85427ea38aca059c3291b58393c591-ol8_x86_64_u8_baseos_patch
libnghttp2-devel-1.33.0-5.el8_8.i686.rpmc1c066e81ea2bca86f801e00d9e4afa1482c5eecf40f610466abdb8bd474a43b-ol8_x86_64_codeready_builder
libnghttp2-devel-1.33.0-5.el8_8.x86_64.rpmef1de788c1e56ec30db15e71fb1627f41d284d6c1d77f07d518c1dece04f5f4a-ol8_x86_64_codeready_builder
nghttp2-1.33.0-5.el8_8.x86_64.rpmbedd1c3f45dba216c7acb31a30dee7d4a9f7bd5ecf8158b5d45799e40a8f34c0-ol8_x86_64_codeready_builder



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete