DLA-3804-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
nghttp2 (PTS)	buster	1.36.0-2+deb10u1	vulnerable
	buster (security)	1.36.0-2+deb10u3	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
nghttp2	source	buster	1.36.0-2+deb10u3