Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 915550 - net-libs/nghttp2: version bump to 1.57.0 for CVE-2023-44487
Summary: net-libs/nghttp2: version bump to 1.57.0 for CVE-2023-44487
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Bernard Cafarelli
Depends on:
Blocks: 915554
  Show dependency tree
Reported: 2023-10-10 16:08 UTC by Timo Rothenpieler
Modified: 2023-10-11 12:36 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Timo Rothenpieler 2023-10-10 16:08:28 UTC
nghttp2 just released version 1.57.0 which fixes CVE-2023-44487.

nginx itself is also affected by this, and have pushed a fix to their repo, but no release has been made yet.
Comment 1 Larry the Git Cow gentoo-dev 2023-10-11 12:36:25 UTC
The bug has been closed via the following commit(s):

commit 5788abe47326ee17b77c3e6649d980a1215b24a0
Author:     Bernard Cafarelli <>
AuthorDate: 2023-10-11 12:34:33 +0000
Commit:     Bernard Cafarelli <>
CommitDate: 2023-10-11 12:34:33 +0000

    net-libs/nghttp2: add 1.57.0
    Signed-off-by: Bernard Cafarelli <>

 net-libs/nghttp2/Manifest              |  1 +
 net-libs/nghttp2/nghttp2-1.57.0.ebuild | 58 ++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+)