Name | TEMP-0000000-66FC9C |
Description | RUSTSEC-2024-0332: Degradation of service in h2 servers with CONTINUATION Flood |
Source | Automatically generated temporary name. Not for external reference. |
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|
rust-h2 (PTS) | buster | 0.1.16-1 | vulnerable |
| bookworm | 0.3.13-2 | vulnerable |
| sid, trixie | 0.4.4-1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|
rust-h2 | source | (unstable) | 0.4.4-1 | | | |
Notes
[bookworm] - rust-h2 <no-dsa> (Minor issue)
[buster] - rust-h2 <postponed> (Minor issue, CPU DoS)
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
https://github.com/advisories/GHSA-q6cp-qfwq-4gcv