Information on source package nghttp2

Available versions

ReleaseVersion
jessie0.6.4-2
stretch1.18.1-1
buster1.36.0-2
sid1.37.0-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-1000168fixedvulnerable (no DSA)fixedfixednghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Imp ...
CVE-2016-1544vulnerable (no DSA)fixedfixedfixedout of memory error due to unlimited incoming HTTP header fields

Open unimportant issues

BugjessiestretchbustersidDescription
TEMP-0000000-A4EF31vulnerablevulnerablevulnerablevulnerableNull pointer access in inflatehd tool

Resolved issues

BugDescription
CVE-2015-8659The idle stream handling in nghttp2 before 1.6.0 allows attackers to h ...

Search for package or bug name: Reporting problems