Your message dated Tue, 20 Aug 2019 21:08:27 +0000 with message-id <e1i0bmh-0004f7...@fasolo.debian.org> and subject line Bug#934886: fixed in h2o 2.2.5+dfsg2-3 has caused the Debian Bug report #934886, regarding CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 934886: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: h2o Severity: grave Tags: security h2o is affected by three of the recently announced HTTP2 issues: https://github.com/h2o/h2o/issues/2090 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: h2o Source-Version: 2.2.5+dfsg2-3 We believe that the bug you reported is fixed in the latest version of h2o, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 934...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Anton Gladky <gl...@debian.org> (supplier of updated h2o package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 20 Aug 2019 22:29:07 +0200 Source: h2o Architecture: source Version: 2.2.5+dfsg2-3 Distribution: unstable Urgency: high Maintainer: Apollon Oikonomopoulos <apoi...@debian.org> Changed-By: Anton Gladky <gl...@debian.org> Closes: 934886 Changes: h2o (2.2.5+dfsg2-3) unstable; urgency=high . * [d9b7843] Fix HTTP/2 DoS attack vulnerabilities. CVE-2019-9512 CVE-2019-9514 CVE-2019-9515. (Closes: #934886) Checksums-Sha1: 7492db960956545d45be9193db79191ba61924ac 2578 h2o_2.2.5+dfsg2-3.dsc 576a8aebc0ae1e054a23046c6a00ad918af949c7 14468 h2o_2.2.5+dfsg2-3.debian.tar.xz 34e3d809c99506d4c82741111cc033b622f04c4c 6805 h2o_2.2.5+dfsg2-3_source.buildinfo Checksums-Sha256: 679fd34ad1055a7c3b99296c0a2f0704915659e46146569be42041645873e878 2578 h2o_2.2.5+dfsg2-3.dsc f86955fc00eede55638443105581e542a3f574b8266b9edf520c8cc1d4e8c874 14468 h2o_2.2.5+dfsg2-3.debian.tar.xz 98bfc8d422abc97fa3061d2cf8e6f9d3f3c601d2e51e3288cb670bd2ed00a295 6805 h2o_2.2.5+dfsg2-3_source.buildinfo Files: e516324426dfcafad2b0298a254e600e 2578 httpd optional h2o_2.2.5+dfsg2-3.dsc c388dfd612eb35cfc85e1aa8092f217d 14468 httpd optional h2o_2.2.5+dfsg2-3.debian.tar.xz db48de425d5085f7431d96aadf6c80f1 6805 httpd optional h2o_2.2.5+dfsg2-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAl1cWz8ACgkQ0+Fzg8+n /wY6ww//WlPA+gRmt017yDg693i626bzaDCsebiaRlVS926altZuFeTWbuRuAH3D 1h3fQmCZxf2zx67eGH07KyWdZn+x7IpQwy7EuwD/35wwC/ysH0bA9SNfA6i9esUU AiTy2mWJF+UbBDATL/iDGES8R8mz8L1u8qV7qNFVSxi467Hh6DEB1Qfdacxjvrpo b2lPZT54nzcDWsKzwNd6G/Oi/ga6qtPkHHO8e7wm0694+2vsnYuZtD2nktxpXcA1 sQYNSkzzO480Vn/IObkxyn7nlHMac15lHLOgCrNM/ArB7UwvNg55dENWkCcafJbi mm05K8x7pObBT4o2JZEHGcfCi0q4Abn2Fo10IkLl+/moKtcpTdeL7GV3BLqqxXnL ab3DjTMdQ36F4tTa+jbABNDycey7kCU0dBcyVvaIN6J0kzPzmzMzq0VqhX5O4owh BrMgdDdAyVFb5I7MAh2kwSsF37nvmnjfZd9LFSgslJhyjVQPYWSmNnCDAzJu6PKa mKfWoxnZAs4z1J8wOoS20gAeg1g6AMxrYpmFzEBzRk73Ipap4xXo3oTqJfsZRbOR 9+iuz8SdpDGRfK9lJMI0YNAcu4u2oqnA6MYXavTCXcfSEzQqi5NNIjmiSf6TrEJW TzopNV236dNkztSpHznwc/e2kQ82v/Jah6xEmerNQyonUvawH/M= =CO5g -----END PGP SIGNATURE-----
--- End Message ---
