-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-051639aad4 2021-06-20 01:06:02.281176 --------------------------------------------------------------------------------
Name : mod_http2 Product : Fedora 33 Version : 1.15.19 Release : 1.fc33 URL : https://icing.github.io/mod_h2/ Summary : module implementing HTTP/2 for Apache 2 Description : The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.
-------------------------------------------------------------------------------- Update Information:
Package update to 1.15.19 + CVE-2021-31618 security fix -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 11 2021 Lubo�� Uhliarik luhliari@redhat.com - 1.15.19-1 - new version 1.15.19 - Resolves: #1968014 - CVE-2021-31618 httpd: NULL pointer dereference on specially crafted HTTP/2 request * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 1.15.14-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1968261 - CVE-2021-31618 httpd: NULL pointer dereference on specially crafted HTTP/2 request [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1968261 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-051639aad4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------