nginx: Mitigate HTTP/2 Stream Resets Flood impact - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Jasper Orschulko <jasper@fancydomain.eu>	2023-11-27 00:54:30 +0100
committer	Armin Kuster <akuster808@gmail.com>	2023-12-13 13:35:51 -0500
commit	3fdd2602091966f3e928243cd4bb632107618fb6 (patch)
tree	7dc49c62e19ddf5c5597da4df3d214c0d4b413ba /meta-python/recipes-devtools/python/python3-periphery_2.3.0.bb
parent	a9f070da583f6dfb3089e94f1c7b2861eb13554e (diff)
download	meta-openembedded-3fdd2602091966f3e928243cd4bb632107618fb6.tar.gz

nginx: Mitigate HTTP/2 Stream Resets Flood impact

Reduces the impact of HTTP/2 Stream Reset flooding in the nginx product (CVE-2023-44487). See: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ This patch only reduces the impact and does not completely mitigate the CVE in question, the latter being due to a design flaw in the HTTP/2 protocol itself. For transparancy reasons I therefore opted to not mark the CVE as resolved, so that integrators can decide for themselves, wheither to enable HTTP/2 support or allow HTTP/1.1 connections only. Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-periphery_2.3.0.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: