USN-4099-1

Details

Jonathan Looney discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to consume resources, leading to a denial of service.

Affected Packages

Ubuntu:16.04:LTSnginx

Fixed in:

1.10.3-0ubuntu0.16.04.4

Ubuntu:18.04:LTSnginx

Fixed in:

1.14.0-0ubuntu1.4

References

REPORThttps://ubuntu.com/security/CVE-2019-9511 REPORThttps://ubuntu.com/security/CVE-2019-9513 REPORThttps://ubuntu.com/security/CVE-2019-9516 ADVISORYhttps://ubuntu.com/security/notices/USN-4099-1

USN-4099-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline