You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa mod_http2

Sigurnosni nedostatak programskog paketa mod_http2

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2019-05-26 01:03:15.668544

Name : mod_http2
Product : Fedora 30
Version : 1.15.0
Release : 1.fc30
Summary : module implementing HTTP/2 for Apache 2
Description :
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on
top of libnghttp2 for httpd 2.4 servers.

Update Information:

Code cleanups and Simplifications: * in stream instance and main connection
output handling for a common strategy in h2/h2c versions of the protocol. Stream
instances are kept in one place which will make future optimizations in state
handling easier. * Discarding idea of re-using bucket beams and let them live
for one request only. Removing design/implementation overhead of never used
features. Making mutexes nested, removing optional lock code no longer

* Wed May 22 2019 Joe Orton <> – 1.15.0-1
– update to 1.15.0

[ 1 ] Bug #1696092 – CVE-2019-0196 mod_http2: httpd: mod_http2: read-after-free on a string compare [fedora-all]

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-08e57d15fd’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorJosip Papratovic
Cert idNCERT-REF-2019-05-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa mupdf

Otkriveni su sigurnosni nedostaci u programskom paketu mupdf za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja....