HTTP/2 Rapid Reset : CVE-2023-44487

lucaslorentz / caddy-docker-proxy

Caddy as a reverse proxy for Docker

MIT License

3.07k stars 174 forks source link

HTTP/2 Rapid Reset : CVE-2023-44487 #539

Closed farzeni closed 1 year ago

farzeni commented 1 year ago

Hi,

I'm creating this issue to monitor the upgrade of Caddy in order to mitigate CVE-2023-44487.

According to this related issue, a 2.7.5 release should be coming out soon: https://github.com/caddyserver/caddy/issues/5877

farzeni commented 1 year ago

Hi,

Caddy team has released 2.7.5 (Congrats to @mholt) https://github.com/caddyserver/caddy/releases/tag/v2.7.5

mholt commented 1 year ago

Actually this one is all thanks to @francislavoie , @Mohammed90, and many other contributors, as I was mostly preoccupied with some personal matters this time around. They did a great job!

lucaslorentz commented 1 year ago

Doing a new release that includes @farzeni PR.