UbuntuUpdates.org

Package "http-parser"

Name: http-parser

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • parser for HTTP messages: development libraries and header files
  • parser for HTTP messages written in C

Latest version: 2.7.1-2ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: main

Links



Other versions of "http-parser" in Bionic

Repository Area Version
base main 2.7.1-2
updates main 2.7.1-2ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.7.1-2ubuntu0.1 2022-08-10 19:06:22 UTC

  http-parser (2.7.1-2ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: request smuggling
    - debian/patches/CVE-2020-8287.patch: unset F_CHUNKED on new Transfer-Encoding
      in http_parser.c, test.c.
    - CVE-2020-8287

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 08 Aug 2022 13:48:40 -0300

CVE-2020-8287 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding h



About   -   Send Feedback to @ubuntu_updates