SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2306

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2306

Security update for perl-Protocol-HTTP2

Type: security

Severity: important

Issued: 2026-06-09

Description:

This update for perl-Protocol-HTTP2 fixes the following issue

- CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit (HTTP/2 Bomb attack)
  (bsc#1267857).

References

CVE: CVE-2026-10725
Bugzilla: 1267857 VUL-0: CVE-2026-10725: perl-Protocol-HTTP2: denial of service due to absence of inbound HPACK header-list size limit (HTTP/2 Bomb attack)

Packages

perl-Protocol-HTTP2-1.10-150600.3.3.1