FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nghttp2 -- use after free

Affected packages
nghttp2 < 1.6.0


VuXML ID 93eadedb-c6a6-11e5-96d6-14dae9d210b8
Discovery 2015-12-23
Entry 2016-01-29

nghttp2 reports:

This release fixes heap-use-after-free bug in idle stream handling code. We strongly recommend to upgrade the older installation to this latest version as soon as possible.


CVE Name CVE-2015-8659