[SECURITY] Fedora 29 Update: mod_http2-1.15.1-1.fc29

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-c7187e6dc7 2019-06-28 22:08:37.704214 -------------------------------------------------------------------------------- Name : mod_http2 Product : Fedora 29 Version : 1.15.1 Release : 1.fc29 URL : https://icing.github.io/mod_h2/ Summary : module implementing HTTP/2 for Apache 2 Description : The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. -------------------------------------------------------------------------------- Update Information: This update has the latest upstream release of *mod_http2*, version **1.15.1**: * further copying of passed data to disentangle worker and main connection. ---- Code cleanups and Simplifications: * in stream instance and main connection output handling for a common strategy in h2/h2c versions of the protocol. Stream instances are kept in one place which will make future optimizations in state handling easier. * Discarding idea of re-using bucket beams and let them live for one request only. Removing design/implementation overhead of never used features. Making mutexes nested, removing optional lock code no longer necessary. -------------------------------------------------------------------------------- ChangeLog: * Wed May 29 2019 Joe Orton <jorton(a)redhat.com&gt; - 1.15.1-1 - update to 1.15.1 * Wed May 22 2019 Joe Orton <jorton(a)redhat.com&gt; - 1.15.0-1 - update to 1.15.0 * Thu Mar 14 2019 Joe Orton <jorton(a)redhat.com&gt; - 1.14.1-1 - update to 1.14.1 * Tue Mar 5 2019 Joe Orton <jorton(a)redhat.com&gt; - 1.14.0-1 - update to 1.14.0 * Tue Feb 26 2019 Joe Orton <jorton(a)redhat.com&gt; - 1.13.0-1 - update to 1.13.0 * Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.12.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jan 18 2019 Joe Orton <jorton(a)redhat.com&gt; - 1.12.1-1 - update to 1.12.1 * Tue Oct 9 2018 Lubos Uhliarik <luhliari(a)redhat.com&gt; - 1.11.2-1 - new version 1.11.2 * Fri Oct 5 2018 Lubo�� Uhliarik <luhliari(a)redhat.com&gt; - 1.11.1-1 - new version 1.11.1 (CVE-2018-11763) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1696092 - CVE-2019-0196 mod_http2: httpd: mod_http2: read-after-free on a string compare [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1696092 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-c7187e6dc7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------