Please sign in to comment.
Merge pull request #66605 (nginx security fixes)
This applies a series of patches to fix CVE-2019-9511, CVE-2019-9513 and CVE-2019-9516 affecting HTTP/2 protocol, all of those can possibly lead to DoS. Details about these vulnerabilities can be found at: https://github.com/Netflix/security-bulletins/blob/216433296d3bc542496a8edae5b4ca39cfd892b1/advisories/third-party/2019-002.md I haven't extensively tested this, but from a quick test, nginx is still working and the NixOS tests also succeed. Thanks to @vincentbernat for the pull request.
- Loading branch information...