USN-7892-1

Details

It was discovered that H2O exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause H2O to crash, resulting in a denial of service.

Affected Packages

Ubuntu:Pro:20.04:LTSh2o

Fixed in:

2.2.5+dfsg2-3ubuntu0.1~esm1

Ubuntu:Pro:22.04:LTSh2o

Fixed in:

2.2.5+dfsg2-6.1ubuntu2+esm1

References

REPORThttps://ubuntu.com/security/CVE-2023-44487 ADVISORYhttps://ubuntu.com/security/notices/USN-7892-1

USN-7892-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline