1
Candidate: CVE-2015-8659
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8659
5
https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/
7
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have
8
unspecified impact via unknown vectors, aka a heap-use-after-free bug.
17
upstream_nghttp2: released (1.6.0-1)
19
precise/esm_nghttp2: DNE
21
vivid_nghttp2: ignored (reached end-of-life)
22
vivid/stable-phone-overlay_nghttp2: DNE
23
vivid/ubuntu-core_nghttp2: DNE
24
wily_nghttp2: ignored (reached end-of-life)
25
xenial_nghttp2: not-affected (1.7.1-1)
26
yakkety_nghttp2: ignored (reached end-of-life)
27
zesty_nghttp2: not-affected (1.19.0-2)
28
artful_nghttp2: not-affected (1.25.0-1)
29
devel_nghttp2: not-affected (1.29.0-1)