USN-7469-3

Details

USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for Node.js.

Original advisory details:

It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause Apache Traffic Server to crash, resulting in a denial of service.

Affected Packages

Ubuntu:Pro:18.04:LTSnodejs

Fixed in:

8.10.0~dfsg-2ubuntu0.4+esm6

Ubuntu:Pro:20.04:LTSnodejs

Fixed in:

10.19.0~dfsg-3ubuntu1.6+esm2

Ubuntu:Pro:22.04:LTSnodejs

Fixed in:

12.22.9~dfsg-1ubuntu3.6+esm2

References

REPORThttps://ubuntu.com/security/CVE-2023-44487 ADVISORYhttps://ubuntu.com/security/notices/USN-7469-3

USN-7469-3

Details

Affected Packages

References

Upstream

Ecosystems

Timeline