nghttp2: fix CVE-2023-44487 by updating to v1.57.0 (!45) · Merge requests · Feed / openwrt-packages

Andreas Gnau requested to merge agnau-72-bump-nghttp2 into release-7.2 Nov 01, 2023

commit 411e09410389db64c0a6d510629f8ba8f73729d4
Author: Hirokazu MORIKAWA <morikw2@gmail.com>
Date:   Sat Oct 14 12:31:16 2023 +0900

    nghttp2: fix CVE-2023-44487

    update to v1.57.0
    CVE-2023-44487 : HTTP/2 Rapid Reset

    Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
    (cherry picked from commit afecaa71c22503affa53246d029b4e0eb4677d2b)
    (cherry picked from commit d1c12e0827f52bdc01d155050daa3a8f00ae23dc)

commit 0bd956e0aa2c00bf8a11be5bf83453e41b25dd38
Author: An Phuc Nguyen <phucan.nguyen@daum.net>
Date:   Sat Jan 28 16:55:17 2023 +0700

    nghttp2: update to 1.51.0

    Signed-off-by: An Phuc Nguyen <phucan.nguyen@daum.net>
    (cherry picked from commit 70a5501f55ddca99d3cf9f6190f5ae5a665749e3)

Edited Nov 01, 2023 by Andreas Gnau

nghttp2: fix CVE-2023-44487 by updating to v1.57.0

Merge request reports