Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
From: "Marold Marcus (DC-AE/ESW1)" <marcus.marold@boschrexroth.de>
Date: Tue, 28 Nov 2023 08:56:28 +0000
Message-id: <[🔎] PR3PR10MB38832F913D9074A2F9B94678E2BCA@PR3PR10MB3883.EURPRD10.PROD.OUTLOOK.COM>

Hello,

I would like to request an upgrade of the curl package (Linux Ubuntu Core 22 / Jammy) to Nghttp2 v1.57.0 because of CVE-2023-44487: HTTP/2 Rapid Reset.

https://nghttp2.org/blog/2023/10/10/nghttp2-v1-57-0/

Thank you in advance.

Mit freundlichen Grüßen / Best regards

Marcus Marold
ctrlX AppSoftware DC-AE/ESW1

Fax +49 9352 18-5830
marcus.marold@boschrexroth.de
www.boschrexroth.com

Bosch Rexroth AG
Bgm.-Dr.-Nebel-Str. 2
97816 Lohr am Main
GERMANY

Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart HRB 23192
Vorstand: Dr. Steffen Haack (Vorsitzender), Roland Bittenauer, Thomas Fechner, Holger von Hebel, Reinhard Schäfer
Vorsitzender des Aufsichtsrats: Dr. Markus Forschner

Reply to:

Follow-Ups:
- Re: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
  - From: Marco Moock <mm@dorfdsl.de>
- Re: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
  - From: Andy Smith <andy@strugglers.net>
- Re: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
  - From: Brad Rogers <brad@fineby.me.uk>
- Re: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
  - From: Phil Wyett <philip.wyett@kathenas.org>

Prev by Date: Re: unexpected behavior
Next by Date: Re: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
Previous by thread: Gnome shell freezes randomly
Next by thread: Re: Security vulnerability at curl package: CVE-2023-44487: HTTP/2 Rapid Reset
Index(es):
- Date
- Thread