Register | Log in

nghttp2

server, proxy and client implementing HTTP/2

Choose email to subscribe with

general

source: nghttp2 (main)
version: 1.40.0-1
maintainer: Tomasz Buchert (DMD)
uploaders: Ondřej Surý [DMD]
arch: all any
std-ver: 4.4.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.6.4-2
oldstable: 1.18.1-1+deb9u1
old-sec: 1.18.1-1+deb9u1
stable: 1.36.0-2+deb10u1
stable-sec: 1.36.0-2+deb10u1
testing: 1.40.0-1
unstable: 1.40.0-1

versioned links

0.6.4-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.18.1-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.36.0-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.40.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libnghttp2-14
libnghttp2-dev
libnghttp2-doc
nghttp2 (1 bugs: 0, 1, 0, 0)
nghttp2-client
nghttp2-proxy
nghttp2-server

action needed

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

nghttp2 could be marked Multi-Arch: foreign
libnghttp2-dev could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2020-02-23 06:40

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2016-1544: nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).

Please fix it.

Created: 2016-02-14 Last update: 2020-02-08 18:32

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-1000168: nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.

Please fix it.

Created: 2018-04-12 Last update: 2020-02-08 18:32

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.4.1).

Created: 2020-01-21 Last update: 2020-01-21 05:06

news

[2019-11-25] nghttp2 1.40.0-1 MIGRATED to testing (Debian testing watch)
[2019-11-23] Accepted nghttp2 1.40.0-1 (source) into unstable (Tomasz Buchert)
[2019-09-07] Accepted nghttp2 1.18.1-1+deb9u1 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Tomasz Buchert)
[2019-09-07] Accepted nghttp2 1.36.0-2+deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Tomasz Buchert)
[2019-09-01] Accepted nghttp2 1.18.1-1+deb9u1 (source amd64 all) into oldstable->embargoed, oldstable (Tomasz Buchert)
[2019-09-01] Accepted nghttp2 1.36.0-2+deb10u1 (source amd64 all) into stable->embargoed, stable (Tomasz Buchert)
[2019-08-18] nghttp2 1.39.2-1 MIGRATED to testing (Debian testing watch)
[2019-08-15] Accepted nghttp2 1.39.2-1 (source) into unstable (Tomasz Buchert)
[2019-07-09] nghttp2 1.37.0-1 MIGRATED to testing (Debian testing watch)
[2019-06-22] Accepted nghttp2 1.39.1-1 (source) into experimental (Tomasz Buchert)
[2019-05-05] Accepted nghttp2 1.38.0-1 (source) into experimental (Tomasz Buchert)
[2019-03-17] Accepted nghttp2 1.37.0-1 (source) into unstable (Tomasz Buchert)
[2019-02-06] nghttp2 1.36.0-2 MIGRATED to testing (Debian testing watch)
[2019-02-03] Accepted nghttp2 1.36.0-2 (source) into unstable (Tomasz Buchert)
[2019-01-26] nghttp2 1.36.0-1 MIGRATED to testing (Debian testing watch)
[2019-01-23] Accepted nghttp2 1.36.0-1 (source) into unstable (Tomasz Buchert)
[2018-12-17] nghttp2 1.35.1-1 MIGRATED to testing (Debian testing watch)
[2018-12-15] Accepted nghttp2 1.35.1-1 (source) into unstable (Tomasz Buchert)
[2018-11-26] Accepted nghttp2 1.35.0-1 (source) into unstable (Tomasz Buchert)
[2018-10-28] nghttp2 1.34.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-11] Accepted nghttp2 1.34.0-1 (source) into unstable (Tomasz Buchert)
[2018-09-06] Accepted nghttp2 1.33.0-1 (source) into unstable (Tomasz Buchert)
[2018-09-01] Accepted nghttp2 1.32.1-1 (source) into unstable (Tomasz Buchert)
[2018-05-22] nghttp2 1.32.0-1 MIGRATED to testing (Debian testing watch)
[2018-05-19] Accepted nghttp2 1.32.0-1 (source) into unstable (Tomasz Buchert)
[2018-04-27] nghttp2 1.31.1-1 MIGRATED to testing (Debian testing watch)
[2018-04-21] Accepted nghttp2 1.31.1-1 (source) into unstable (Tomasz Buchert)
[2018-03-11] nghttp2 1.31.0-1 MIGRATED to testing (Debian testing watch)
[2018-03-05] Accepted nghttp2 1.31.0-1 (source) into unstable (Tomasz Buchert)
[2018-02-17] nghttp2 1.30.0-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.40.0-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing