nginx: Mitigate HTTP/2 Stream Resets Flood impact - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Jasper Orschulko <jasper@fancydomain.eu>	2023-11-27 01:04:17 +0100
committer	Armin Kuster <akuster808@gmail.com>	2023-12-17 15:36:42 -0500
commit	a1c4d361ed9e5ef72c74bd2849d6f485939bbd4b (patch)
tree	69d5ef07f946131730b1a66ad19a802150483245 /meta-python/recipes-devtools/python/python3-h5py/0001-cross-compiling-support.patch
parent	a005377cdf1efd4aa6681e73bb663bb1c3ebfd4e (diff)
download	meta-openembedded-a1c4d361ed9e5ef72c74bd2849d6f485939bbd4b.tar.gz

nginx: Mitigate HTTP/2 Stream Resets Flood impact

Reduces the impact of HTTP/2 Stream Reset flooding in the nginx product (CVE-2023-44487). See: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ This patch only reduces the impact and does not completely mitigate the CVE in question, the latter being due to a design flaw in the HTTP/2 protocol itself. For transparancy reasons I therefore opted to not mark the CVE as resolved, so that integrators can decide for themselves, wheither to enable HTTP/2 support or allow HTTP/1.1 connections only. Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-h5py/0001-cross-compiling-support.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: