Path to this page:
Subject: CVS commit: pkgsrc/www/h2o
From: Adam Ciarcinski
Date: 2018-06-24 11:17:03
Message id: 20180624091703.57EA2FBEC@cvs.NetBSD.org
Log Message:
h2o: updated to 2.2.5:
H2O version 2.2.5:
This is a bug-fix release of the 2.2 series with following changes from 2.2.4, \
including one vulnerability fix.
[security fix][access-log] fix buffer overflow CVE-2018-0608
[fastcgi] index file name must be part of SCRIPT_NAME
[http2] do not compress cookies less than 20 bytes long
[http2] stop opening new push streams after receiving GOAWAY
[http2] fix conformance issues
[mruby] drop the link rel=preload header with a x-http2-push-only attribute
[mruby] allow loading a file that shares the basename with one of the preloaded files
[proxy] fix I/O error when receiving multiple informational responses
[ssl] fix bug that prevents record size growing to maximum when latency \
optimization is disabled
[ssl] fix compatibility issues with libressl 2.7
[ssl] update picotls to support TLS 1.3 draft-26
Files: