Ubuntu 6614 Published by

A http-parser security update has been released for Ubuntu Linux 18.04 LTS.



USN-5563-1: http-parser vulnerability


=========================================================================
Ubuntu Security Notice USN-5563-1
August 10, 2022

http-parser vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

http-parser could be made to expose sensitive data if it received
a specially crafted request.

Software Description:
- http-parser: parser for HTTP messages: development libraries and header files

Details:

It was discovered that http-parser incorrectly handled certain requests.
An attacker could possibly use this issue to bypass security controls or
gain unauthorized access to sensitive data.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libhttp-parser2.7.1 2.7.1-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5563-1
CVE-2020-8287

Package Information:
  https://launchpad.net/ubuntu/+source/http-parser/2.7.1-2ubuntu0.1