Package: libtomcat9-java Version: 9.0.43-2~deb11u7 Severity: important X-Debbugs-Cc: sam.lan...@gmail.com
Dear Maintainer, I let unattended-upgrades handle the HTTP2 vulnerability. It installed thusly: > Log started: 2023-10-12 06:34:35 > (Reading database <snip...> > Preparing to unpack .../libtomcat9-java_9.0.43-2~deb11u7_all.deb ... > Unpacking libtomcat9-java (9.0.43-2~deb11u7) over (9.0.43-2~deb11u6) ... > Preparing to unpack .../tomcat9-common_9.0.43-2~deb11u7_all.deb ... > Unpacking tomcat9-common (9.0.43-2~deb11u7) over (9.0.43-2~deb11u6) ... > Preparing to unpack .../tomcat9_9.0.43-2~deb11u7_all.deb ... > Unpacking tomcat9 (9.0.43-2~deb11u7) over (9.0.43-2~deb11u6) ... > Setting up libtomcat9-java (9.0.43-2~deb11u7) ... > Setting up tomcat9-common (9.0.43-2~deb11u7) ... > Setting up tomcat9 (9.0.43-2~deb11u7) ... > Processing triggers for rsyslog (8.2102.0-2+deb11u1) ... > > Pending kernel upgrade! > > Running kernel version: > 5.10.0-19-amd64 > > Diagnostics: > The currently running kernel version is not the expected kernel version > 5.10.0-26-amd64. I did not reboot, and all lclients (Firefox, Safari, Chrome reported similar errors. No certificate available, security problem and ERR_HTTP2_PROTOCOL_ERROR A reboot to enable the new kernel produced the same results. I have commented-out HTTP2 and restarted Tomcat9, and the error is gone, (but so is HTTP2) > <Connector port="443" > protocol="org.apache.coyote.http11.Http11AprProtocol" > maxThreads="150" SSLEnabled="true" > > <!-- sam 20231012 <UpgradeProtocol > className="org.apache.coyote.http2.Http2Protocol" /> --> > <SSLHostConfig> > <Certificate > certificateKeyFile="/etc/letsencrypt/live/puppy.ccoz.org.au/privkey.pem" > > certificateFile="/etc/letsencrypt/live/xxxxxxxxxxxxxxxxx/cert.pem" > > certificateChainFile="/etc/letsencrypt/live/xxxxxxxxxxxxxxxxx/chain.pem" > type="RSA" /> > </SSLHostConfig> > </Connector> -- System Information: _,met$$$$$gg. root@xxxxx ,g$$$$$$$$$$$$$$$P. ---------- ,g$$P" """Y$$.". OS: Debian GNU/Linux 11 (bullseye) x86_64 ,$$P' `$$$. Host: HVM domU 4.7 ',$$P ,ggs. `$$b: Kernel: 5.10.0-26-amd64 `d$$' ,$P"' . $$$ Uptime: 1 hour, 43 mins $$P d$' , $$P Packages: 799 (dpkg) $$: $$. - ,d$$' Shell: bash 5.1.4 $$; Y$b._ _,d$P' Resolution: 1024x768 Y$$. `.`"Y$$$$P"' CPU: AMD Opteron 4170 HE (4) @ 2.100GHz `$$b "-.__ GPU: 00:02.0 Cirrus Logic GD 5446 `Y$$ Memory: 1349MiB / 7938MiB `Y$$. `$$b. `Y$$b. `"Y$b._ `"""