Skip to main content

CVE-2023-44487 - any mitigations available ?

Comments

7 comments

  • Announcement without details to a website link providing HTTP/2 Rapid Reset Attack mitigation services. Interestingly blatant advertising methinks...
    0
  • feijao
    What about this?
    0
  • vacancy
    http/2 protocol is developed by ietf. This vulnerability can be resolved after a correction to be published by ietf.
    0
  • ciao70
    Hi, Fix coming soon
    0
  • cPRex Jurassic Moderator
    Normally Apache things get released on Wednesday, as you've likely seen, but because of the Curl update (CVE-2023-38545 and CVE-2023-38546) we decided to do everything tomorrow at once. So this will get released tomorrow and I'll do my usual post to the page.
    0
  • simz8
    right now we are running exim 4.96-8.cp108~el7 (cpanel v110.0.7). how can i see if the patch has been auto applied?
    0
  • cPRex Jurassic Moderator
    @simz8 - the Exim patch is completely separate from this discussion. If you are running 4.96.1-2.cp108 you are on the latest version that was patched October 3.
    0

Please sign in to leave a comment.