USN-7469-4

Details

USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for H2O.

Original advisory details:

It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause Apache Traffic Server to crash, resulting in a denial of service.

Affected Packages

h2o

Ubuntu Pro 18.04 LTS

Fixed in:

2.2.4+dfsg-1ubuntu0.1~esm2

References

REPORT

https://ubuntu.com/security/CVE-2023-44487

ADVISORY

https://ubuntu.com/security/notices/USN-7469-4