DLA-2786-1

NameDLA-2786-1
Descriptionnghttp2 - security update
SourceDebian LTS
ReferencesCVE-2018-1000168, CVE-2020-11080

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nghttp2 (PTS)stretch1.18.1-1+deb9u1vulnerable
stretch (security)1.18.1-1+deb9u2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nghttp2sourcestretch1.18.1-1+deb9u2

Search for package or bug name: Reporting problems