nginx: fix CVE-2023-44487 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Meenali Gupta <meenali.gupta@windriver.com>	2023-12-21 03:45:50 +0000
committer	Armin Kuster <akuster808@gmail.com>	2024-01-07 13:15:11 -0500
commit	8e1f0fa6bfac0e96fedc666fe9066f92c85afb27 (patch)
tree	d83eeed37ab8c062c196497de76c373503a0cfe5 /meta-webserver/recipes-httpd/nginx/files/nginx-cross.patch
parent	b0d67900ae9e8911f734c25c0674fe55df8cd188 (diff)
download	meta-openembedded-mickledore.tar.gz

nginx: fix CVE-2023-44487mickledore-next mickledore

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-webserver/recipes-httpd/nginx/files/nginx-cross.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: