ArchLinux: 201512-16: nghttp2: use-after-free
Summary
nghttp2 1.6.0 fixes a heap-based use-after-free bug in its idle stream handling code: an idle or closed stream could be destroyed while it was still referenced.
Resolution
Upgrade to 1.6.0-1.
# pacman -Syu "nghttp2>=1.6.0-1"
The problem has been fixed upstream in version 1.6.0.
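To confirm that an Arch host actually carries the fixed build, the check below (added here, not part of the advisory) parses a `pacman -Q nghttp2` output line and compares the installed version against 1.6.0-1 using a simplified reimplementation of pacman's vercmp rules (epoch, pkgver, pkgrel; the sample lines are constructed):

```python
import re

FIXED_VERSION = "1.6.0-1"  # fixed package version named in the advisory
_TOKEN = re.compile(r"\d+|[A-Za-z]+")


def _parse(version):
    """Split 'epoch:pkgver-pkgrel' into parts (epoch and pkgrel optional)."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    pkgver, _, pkgrel = version.partition("-")
    return epoch, pkgver, pkgrel


def _cmp_segments(a, b):
    """Simplified pacman vercmp: numeric runs compare as integers, alpha runs
    as strings, a number beats letters, and a leftover alpha tail (the 'rc1'
    in 1.6.0rc1) sorts before the bare version it extends."""
    ta, tb = _TOKEN.findall(a), _TOKEN.findall(b)
    for x, y in zip(ta, tb):
        xn, yn = x.isdigit(), y.isdigit()
        if xn and yn:
            if int(x) != int(y):
                return (int(x) > int(y)) - (int(x) < int(y))
        elif xn != yn:
            return 1 if xn else -1
        elif x != y:
            return (x > y) - (x < y)
    if len(ta) == len(tb):
        return 0
    rest = ta[len(tb)] if len(ta) > len(tb) else tb[len(ta)]
    longer_is_newer = rest.isdigit()
    if len(ta) > len(tb):
        return 1 if longer_is_newer else -1
    return -1 if longer_is_newer else 1


def compare_versions(a, b):
    """Return -1, 0 or 1 like vercmp (simplified reimplementation, assumption)."""
    ea, va, ra = _parse(a)
    eb, vb, rb = _parse(b)
    if ea != eb:
        return (ea > eb) - (ea < eb)
    c = _cmp_segments(va, vb)
    if c or not (ra and rb):  # pkgrel only decides when both sides carry one
        return c
    return _cmp_segments(ra, rb)


def is_affected(pacman_q_line, fixed=FIXED_VERSION):
    """True when the installed nghttp2 build in a `pacman -Q` line predates the fix."""
    name, installed = pacman_q_line.split()
    if name != "nghttp2":
        raise ValueError(f"unexpected package {name!r}")
    return compare_versions(installed, fixed) < 0


if __name__ == "__main__":
    # Constructed sample lines; on a real host feed in `pacman -Q nghttp2` output.
    for line in ["nghttp2 1.5.0-1", "nghttp2 1.6.0rc1-1", "nghttp2 1.6.0-1"]:
        print(line, "-> affected" if is_affected(line) else "-> fixed")
```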
References
https://access.redhat.com/security/cve/CVE-2015-8659
https://seclists.org/oss-sec/2015/q4/576
https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/
https://github.com/nghttp2/nghttp2/commit/92a56d034f201cbb609606184822cf1716677207
Workaround
None.