[ol8_appstream] mod_http2-1.15.7-5.module+el8.7.0+21029+de29ba63.4.x86_64

Name:	mod_http2
Version:	1.15.7
Release:	5.module+el8.7.0+21029+de29ba63.4
Architecture:	x86_64
Module:	httpd:2.4:8070020230328121648:bd1311ed
Group:	System Environment/Daemons
Size:	407326
License:	ASL 2.0
RPM:	mod_http2-1.15.7-5.module+el8.7.0+21029+de29ba63.4.x86_64.rpm
Source RPM:	mod_http2-1.15.7-5.module+el8.7.0+21029+de29ba63.4.src.rpm
Build Date:	Thu Apr 06 2023
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://icing.github.io/mod_h2/
Summary:	module implementing HTTP/2 for Apache 2
Description:	The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.

Changelog (Show File list) (Show related packages)

Sat Mar 18 2023 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-5.4

- Resolves: #2177747 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting
  with mod_rewrite and mod_proxy

Mon Jan 24 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-5

- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference
  or SSRF in forward proxy configurations

Thu Jan 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-4

- Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd:
  Request splitting via HTTP/2 method injection and mod_proxy

Fri Oct 30 2020 Lubos Uhliarik <luhliari@redhat.com> - 1.15.7-3

- Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd:
  mod_http2 concurrent pool usage

Mon Aug 17 2020 Lubos Uhliarik <luhliari@redhat.com> - 1.15.7-2

- Resolves: #1869073 - CVE-2020-9490 httpd:2.4/mod_http2: httpd: 
  Push diary crash on specifically crafted HTTP/2 header

Tue Apr 14 2020 Lubos Uhliarik <luhliari@redhat.com> - 1.15.7-1

- new version 1.15.7
- Resolves: #1814236 - RFE: mod_http2 rebase 
- Resolves: #1747289 - CVE-2019-10082 httpd:2.4/mod_http2: httpd: 
  read-after-free in h2 connection shutdown
- Resolves: #1696099 - CVE-2019-0197 httpd:2.4/mod_http2: httpd: 
  mod_http2: possible crash on late upgrade
- Resolves: #1696094 - CVE-2019-0196 httpd:2.4/mod_http2: httpd:
  mod_http2: read-after-free on a string compare
- Resolves: #1677591 - CVE-2018-17189 httpd:2.4/mod_http2: httpd: 
  mod_http2: DoS via slow, unneeded request bodies

Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1.11.3-3

- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount
  of data request leads to denial of service
- Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length
  headers leads to denial of service
- Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for
  large response leads to denial of service

Thu Apr 04 2019 Joe Orton <jorton@redhat.com> - 1.11.3-2
```
- update release (#1695587)
```

Tue Oct 16 2018 Lubos Uhliarik <luhliari@redhat.com> - 1.11.3-1

- new version 1.11.3
- Resolves: #1633401 - CVE-2018-11763 mod_http2: httpd:  DoS for HTTP/2
  connections by continuous SETTINGS

Wed May 02 2018 Joe Orton <jorton@redhat.com> - 1.10.20-1
```
- update to 1.10.20
```