TEMP-0000000-66FC9C

NameTEMP-0000000-66FC9C
DescriptionRUSTSEC-2024-0332: Degradation of service in h2 servers with CONTINUATION Flood
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
rust-h2 (PTS)buster0.1.16-1vulnerable
bookworm0.3.13-2vulnerable
sid, trixie0.4.4-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
rust-h2source(unstable)0.4.4-1

Notes

[bookworm] - rust-h2 <no-dsa> (Minor issue)
[buster] - rust-h2 <postponed> (Minor issue, CPU DoS)
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
https://github.com/advisories/GHSA-q6cp-qfwq-4gcv

Search for package or bug name: Reporting problems