ELSA-2024-3501

ULN >
Oracle Linux Errata repository >
ELSA-2024-3501

ELSA-2024-3501 - nghttp2 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-06-20

Description

[1.43.0-5.2]
- fix CONTINUATION frames DoS (CVE-2024-28182, CVE-2024-27316)

Related CVEs

CVE-2024-28182

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nghttp2-1.43.0-5.el9_4.3.src.rpm	d4405fbe4cc0610cf3ea33d156b2a2504b5e6ee10ab9ac23fa2910c8b6257580	-	ol9_aarch64_baseos_latest
	nghttp2-1.43.0-5.el9_4.3.src.rpm	d4405fbe4cc0610cf3ea33d156b2a2504b5e6ee10ab9ac23fa2910c8b6257580	-	ol9_aarch64_codeready_builder
	nghttp2-1.43.0-5.el9_4.3.src.rpm	d4405fbe4cc0610cf3ea33d156b2a2504b5e6ee10ab9ac23fa2910c8b6257580	-	ol9_aarch64_u4_baseos_patch
	libnghttp2-1.43.0-5.el9_4.3.aarch64.rpm	26c604bdca495b2524a12aa7071f18dec8f596567d67d5f92d28790f9f4119b5	-	ol9_aarch64_baseos_latest
	libnghttp2-1.43.0-5.el9_4.3.aarch64.rpm	26c604bdca495b2524a12aa7071f18dec8f596567d67d5f92d28790f9f4119b5	-	ol9_aarch64_u4_baseos_patch
	libnghttp2-devel-1.43.0-5.el9_4.3.aarch64.rpm	3ec1cf5101453aec075953fd434968f8128fb506be87464bf2d3e7b7f13c9366	-	ol9_aarch64_codeready_builder
	nghttp2-1.43.0-5.el9_4.3.aarch64.rpm	16782ee5eb6a049751574e562335b91a82dd20a2bec7116c2603166363a0ac47	-	ol9_aarch64_codeready_builder

Oracle Linux 9 (x86_64)	nghttp2-1.43.0-5.el9_4.3.src.rpm	d4405fbe4cc0610cf3ea33d156b2a2504b5e6ee10ab9ac23fa2910c8b6257580	-	ol9_x86_64_baseos_latest
	nghttp2-1.43.0-5.el9_4.3.src.rpm	d4405fbe4cc0610cf3ea33d156b2a2504b5e6ee10ab9ac23fa2910c8b6257580	-	ol9_x86_64_codeready_builder
	nghttp2-1.43.0-5.el9_4.3.src.rpm	d4405fbe4cc0610cf3ea33d156b2a2504b5e6ee10ab9ac23fa2910c8b6257580	-	ol9_x86_64_u4_baseos_patch
	libnghttp2-1.43.0-5.el9_4.3.i686.rpm	ad6b2f6bb89b4534b0379bd4ea06754a4e698a2c20cbb2d42b639c77bc9256fc	-	ol9_x86_64_baseos_latest
	libnghttp2-1.43.0-5.el9_4.3.i686.rpm	ad6b2f6bb89b4534b0379bd4ea06754a4e698a2c20cbb2d42b639c77bc9256fc	-	ol9_x86_64_u4_baseos_patch
	libnghttp2-1.43.0-5.el9_4.3.x86_64.rpm	712b394b6bbb4627a612fc7f5aac3a5cf5edc2f28ae46590c3f0b06ffb2af502	-	ol9_x86_64_baseos_latest
	libnghttp2-1.43.0-5.el9_4.3.x86_64.rpm	712b394b6bbb4627a612fc7f5aac3a5cf5edc2f28ae46590c3f0b06ffb2af502	-	ol9_x86_64_u4_baseos_patch
	libnghttp2-devel-1.43.0-5.el9_4.3.i686.rpm	d7a41eb04986ea99ad2fa15b80a492d9070fa44bbe597f0acbc33b3e78e40d89	-	ol9_x86_64_codeready_builder
	libnghttp2-devel-1.43.0-5.el9_4.3.x86_64.rpm	46c9f76feadb9ae43f0e9b9fb9385a37efa310d1c116957e3f08a67d8c250e1b	-	ol9_x86_64_codeready_builder
	nghttp2-1.43.0-5.el9_4.3.x86_64.rpm	a95f39c152183bcebc4446e2862cb8a95b4ec6afe1a7c09b1132662343bc3c9f	-	ol9_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691