Sergey Kandaurov pluknet at nginx.com Wed Feb 14 17:00:05 UTC 2024 Previous message (by thread): [nginx-announce] nginx-1.25.4 Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] Two security issues were identified in nginx HTTP/3 implementation, which might allow an attacker that uses a specially crafted QUIC session to cause a worker process crash (CVE-2024-24989, CVE-2024-24990) or might have potential other impact (CVE-2024-24990). The issues affect nginx compiled with the ngx_htt...