nginx: fix CVE-2023-44487mickledore-next mickledore

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Meenali Gupta <meenali.gupta@windriver.com> 2023-12-21 03:45:50 +0000
committer: Armin Kuster <akuster808@gmail.com> 2024-01-07 13:15:11 -0500
commit: 8e1f0fa6bfac0e96fedc666fe9066f92c85afb27 (patch)
tree: d83eeed37ab8c062c196497de76c373503a0cfe5 /meta-webserver/recipes-httpd/nginx/nginx.inc
parent: b0d67900ae9e8911f734c25c0674fe55df8cd188 (diff)
download: meta-openembedded-8e1f0fa6bfac0e96fedc666fe9066f92c85afb27.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc
index 8078b7621a..72a7bb0c1c 100644
--- a/meta-webserver/recipes-httpd/nginx/nginx.inc
+++ b/meta-webserver/recipes-httpd/nginx/nginx.inc
@@ -23,6 +23,7 @@ SRC_URI = " \
     file://nginx.service \
     file://nginx-fix-pidfile.patch \
     file://0001-configure-libxslt-conf.patch \
+    file://CVE-2023-44487.patch \
 "
 
 inherit siteinfo update-rc.d useradd systemd
author	Meenali Gupta <meenali.gupta@windriver.com>	2023-12-21 03:45:50 +0000
committer	Armin Kuster <akuster808@gmail.com>	2024-01-07 13:15:11 -0500
commit	8e1f0fa6bfac0e96fedc666fe9066f92c85afb27 (patch)
tree	d83eeed37ab8c062c196497de76c373503a0cfe5 /meta-webserver/recipes-httpd/nginx/nginx.inc
parent	b0d67900ae9e8911f734c25c0674fe55df8cd188 (diff)
download	meta-openembedded-8e1f0fa6bfac0e96fedc666fe9066f92c85afb27.tar.gz