mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-02 02:49:12 +00:00
a1c4d361ed
Reduces the impact of HTTP/2 Stream Reset flooding in the nginx product (CVE-2023-44487). See: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ This patch only reduces the impact and does not completely mitigate the CVE in question, the latter being due to a design flaw in the HTTP/2 protocol itself. For transparancy reasons I therefore opted to not mark the CVE as resolved, so that integrators can decide for themselves, wheither to enable HTTP/2 support or allow HTTP/1.1 connections only. Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Collection of layers for the OE-core universe dunfell maintainer: Armin Kuster <akuster808@gmail.com> This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories