Oracle Linux 8 ELSA-2023-5837 Critical Fix for Nghttp2 DoS Vulnerability

oracle

October 20, 2023

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[1.33.0-5] - fix HTTP/2 Rapid Reset (CVE-2023-44487) [1.33.0-4] - prevent DoS caused by overly large SETTINGS frames (CVE-2020-11080)

Topics Covered

security advisory DoS critical fix Oracle Linux nghttp2

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates//nghttp2-1.33.0-5.el8_8.src.rpm

x86_64

libnghttp2-1.33.0-5.el8_8.i686.rpm libnghttp2-1.33.0-5.el8_8.x86_64.rpm libnghttp2-devel-1.33.0-5.el8_8.i686.rpm libnghttp2-devel-1.33.0-5.el8_8.x86_64.rpm nghttp2-1.33.0-5.el8_8.x86_64.rpm

aarch64

libnghttp2-1.33.0-5.el8_8.aarch64.rpm libnghttp2-devel-1.33.0-5.el8_8.aarch64.rpm nghttp2-1.33.0-5.el8_8.aarch64.rpm

Severity

critical

Lowest

Low

Medium

High

Critical

Related CVEs: CVE-2023-44487

Topics Covered

security advisory DoS critical fix Oracle Linux nghttp2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Oracle Linux 8 ELSA-2023-5837 Critical Fix for Nghttp2 DoS Vulnerability

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Oracle Linux 8 ELSA-2023-5837 Critical Fix for Nghttp2 DoS Vulnerability

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!