File _patchinfo of Package patchinfo.12370
<patchinfo incident="12370"> <issue tracker="bnc" id="1112438">[TRACKER] FATE #326776 - nodejs10 for W&S module</issue> <issue tracker="bnc" id="1125689">nghttp2 mistake in spec file</issue> <issue tracker="bnc" id="1134616">nghttp2: fails to build with boost 1.70.0</issue> <issue tracker="bnc" id="1146182">VUL-0: CVE-2019-9511: nghttp2: HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially lei</issue> <issue tracker="bnc" id="1146184">VUL-1: CVE-2019-9513: nghttp2: HTTP/2 implementation is vulnerable to resource loops, potentially leading to a denial of service.</issue> <issue tracker="cve" id="2019-9511"/> <issue tracker="cve" id="2019-9513"/> <issue tracker="fate" id="326776"/> <category>security</category> <rating>moderate</rating> <packager>pluskalm</packager> <description>This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service (bsc#1146184). - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#11461). Bug fixes and enhancements: - Fixed mistake in spec file (bsc#1125689) - Fixed build issue with boost 1.70.0 (bsc#1134616) - Feature: Add W&S module (FATE#326776, bsc#1112438) </description> <summary>Security update for nghttp2</summary> </patchinfo>
