New changelog entries:
* New upstream version 1.8.17
- BUG/MAJOR: stream-int: Update the stream expiration date in
stream_int_notify()
- BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than
the max
- BUG/MEDIUM: server: Also copy "check-sni" for server templates.
- BUG/MEDIUM: cli: make "show sess" really thread-safe
- BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
* Drop CVE-2018-20615.patch; merged upstream
03841ec...
by
Apollon Oikonomopoulos <email address hidden>
Import patches-unapplied version 1.8.16-2 to debian/sid
New changelog entries:
* Fix out-of-bounds read in HTTP2 mux (CVE-2018-20615).
This would possibly lead to a crash in H2 HEADERS frame decoder when the
PRIORITY flag is present, due to a missing frame size check.
* Bump Standards-Version to 4.3.0; no changes needed.
New changelog entries:
* New upstream version 1.8.16.
- BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload
in dns_validate_response()
- BUG/MEDIUM: dns: overflowed dns name start position causing invalid
dns error
* d/rules: do not override CFLAGS, hijack DEBUG_CFLAGS for this instead.
30cfa33...
by
Apollon Oikonomopoulos <email address hidden>
Import patches-unapplied version 1.8.15-1 to debian/sid
New changelog entries:
* New upstream version.
- BUG/CRITICAL: hpack: fix improper sign check on the header index value (already fixed in 1.8.13-2)
- BUG/MAJOR: kqueue: Don't reset the changes number by accident.
- BUG/MAJOR: thread: lua: Wrong SSL context initialization.
a206c28...
by
Apollon Oikonomopoulos <email address hidden>
Import patches-unapplied version 1.8.13-2 to debian/sid
New changelog entries:
* New upstream version.
- BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
- BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
- BUG/MEDIUM: h2: never leave pending data in the output buffer on close
- BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
- BUG/MEDIUM: stats: don't ask for more data as long as we're responding
- BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
- BUG/MEDIUM: threads/sync: use sched_yield when available
- BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
- BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
- BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
* d/patches: drop systemd exit status patch (applied upstream).