Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 22: FEDORA-2016-8e13ac5754 moderate: nghttp2 Heap Use-After-Free

fedora
Calendar Grey January 12, 2016
Dist Fedora Esm H88
The upgrade to nghttp2 version 1.6.0 resolves a heap use-after-free vulnerability in the management of idle streams for Fedora 22.
- update to nghttp2-1.6.0 (fixes CVE-2015-8659)

Summary

This package contains the HTTP/2 client, server and proxy programs.

Update Information:

- update to nghttp2-1.6.0 (fixes CVE-2015-8659)

Change Log

References


[ 1 ] Bug #1295351 - CVE-2015-8659 nghttp2: heap-use-after-free flaw in idle stream handling code https://bugzilla.redhat.com/show_bug.cgi?id=1295351

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update nghttp2' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: nghttp2
Product: Fedora 22
Version: 1.6.0
Release: 1.fc22
Summary: Experimental HTTP/2 client, server and proxy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here