Debian Package Tracker

general

source: nghttp2 (main)
version: 1.35.1-1
maintainer: Tomasz Buchert [DMD]
uploaders: Ondřej Surý [DMD]
arch: all any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-bpo: 0.6.4-2~bpo70+1
oldstable: 0.6.4-2
stable: 1.18.1-1
testing: 1.35.1-1
unstable: 1.35.1-1

versioned links

0.6.4-2~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.4-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.18.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.35.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libnghttp2-14
libnghttp2-dev
libnghttp2-doc
nghttp2
nghttp2-client
nghttp2-proxy
nghttp2-server

action needed

A new upstream version is available: 1.36.0 high

A new upstream version 1.36.0 is available, you should consider packaging it.

Created: 2019-01-20 Last update: 2019-01-20 08:12

Depends on packages which need a new maintainer normal

The packages that nghttp2 depends on which need a new maintainer are:

spdylay (#917239)
- Build-Depends: libspdylay-dev

Created: 2018-12-24 Last update: 2019-01-20 09:15

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

nghttp2 could be marked Multi-Arch: foreign
libnghttp2-dev could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2019-01-20 05:41

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-09-06 Last update: 2019-01-17 07:54

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2016-1544:

Please fix it.

Created: 2016-02-14 Last update: 2018-12-17 06:54

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-1000168: nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.

Please fix it.

Created: 2018-04-12 Last update: 2018-12-17 06:54

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2018-12-23 17:15

news

[rss feed]

[2018-12-17] nghttp2 1.35.1-1 MIGRATED to testing (Debian testing watch)
[2018-12-15] Accepted nghttp2 1.35.1-1 (source) into unstable (Tomasz Buchert)
[2018-11-26] Accepted nghttp2 1.35.0-1 (source) into unstable (Tomasz Buchert)
[2018-10-28] nghttp2 1.34.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-11] Accepted nghttp2 1.34.0-1 (source) into unstable (Tomasz Buchert)
[2018-09-06] Accepted nghttp2 1.33.0-1 (source) into unstable (Tomasz Buchert)
[2018-09-01] Accepted nghttp2 1.32.1-1 (source) into unstable (Tomasz Buchert)
[2018-05-22] nghttp2 1.32.0-1 MIGRATED to testing (Debian testing watch)
[2018-05-19] Accepted nghttp2 1.32.0-1 (source) into unstable (Tomasz Buchert)
[2018-04-27] nghttp2 1.31.1-1 MIGRATED to testing (Debian testing watch)
[2018-04-21] Accepted nghttp2 1.31.1-1 (source) into unstable (Tomasz Buchert)
[2018-03-11] nghttp2 1.31.0-1 MIGRATED to testing (Debian testing watch)
[2018-03-05] Accepted nghttp2 1.31.0-1 (source) into unstable (Tomasz Buchert)
[2018-02-17] nghttp2 1.30.0-1 MIGRATED to testing (Debian testing watch)
[2018-02-12] Accepted nghttp2 1.30.0-1 (source) into unstable (Tomasz Buchert)
[2018-01-07] nghttp2 1.29.0-1 MIGRATED to testing (Debian testing watch)
[2018-01-02] Accepted nghttp2 1.29.0-1 (source) into unstable (Tomasz Buchert)
[2017-12-08] nghttp2 1.28.0-1 MIGRATED to testing (Debian testing watch)
[2017-12-03] Accepted nghttp2 1.28.0-1 (source) into unstable (Tomasz Buchert)
[2017-11-02] nghttp2 1.27.0-1 MIGRATED to testing (Debian testing watch)
[2017-10-27] Accepted nghttp2 1.27.0-1 (source) into unstable (Tomasz Buchert)
[2017-09-26] nghttp2 1.26.0-1 MIGRATED to testing (Debian testing watch)
[2017-09-21] Accepted nghttp2 1.26.0-1 (source) into unstable (Tomasz Buchert)
[2017-08-29] nghttp2 1.25.0-1 MIGRATED to testing (Debian testing watch)
[2017-08-23] Accepted nghttp2 1.25.0-1 (source) into unstable (Tomasz Buchert)
[2017-07-11] nghttp2 1.24.0-1 MIGRATED to testing (Debian testing watch)
[2017-07-06] Accepted nghttp2 1.24.0-1 (source) into unstable (Tomasz Buchert)
[2017-06-20] nghttp2 1.23.1-1 MIGRATED to testing (Debian testing watch)
[2017-06-03] Accepted nghttp2 1.23.1-1 (source) into unstable (Tomasz Buchert)
[2017-05-30] Accepted nghttp2 1.23.0-1 (source) into unstable (Tomasz Buchert)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 5)
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.35.1-1