Back to bug 2179138

Who	When	What	Removed	Added
Anten Skrabec	2023-03-16 17:28:35 UTC	CC		security-response-team
Paige Jung	2023-03-16 17:53:05 UTC	Doc Text	Attackers can send specifically crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on HTTP/1 upstream service.	A flaw was found in Envoy. This issue may allow attackers to send specifically-crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the HTTP/1 upstream service.
Anten Skrabec	2023-03-16 22:26:13 UTC	Doc Text	A flaw was found in Envoy. This issue may allow attackers to send specifically-crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the HTTP/1 upstream service.	A flaw was found in Envoy. This issue may allow attackers to send specially crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the HTTP/1 upstream service.
Anten Skrabec	2023-03-16 22:26:21 UTC	Doc Text	A flaw was found in Envoy. This issue may allow attackers to send specially crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the HTTP/1 upstream service.	A flaw was found in Envoy that may allow attackers to send specially crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the HTTP/1 upstream service.
Sam Fowler	2023-03-19 22:52:30 UTC	CC	ovanders	sfowler, twalsh
		Doc Type	---	If docs needed, set a value
Pedro Sampaio	2023-04-04 21:04:33 UTC	Deadline	2023-04-04
		Group	security, qe_staff
		Summary	EMBARGOED CVE-2023-27491 envoy: Envoy forwards invalid HTTP/2 and HTTP/3 downstream	CVE-2023-27491 envoy: Envoy forwards invalid HTTP/2 and HTTP/3 downstream
Red Hat Bugzilla	2023-07-07 08:32:40 UTC	CC	security-response-team
		Assignee	security-response-team	nobody
errata-xmlrpc	2023-08-11 16:48:13 UTC	Link ID		Red Hat Product Errata RHSA-2023:4623
Product Security DevOps Team	2023-08-11 21:11:33 UTC	Resolution	---	ERRATA
		Status	NEW	CLOSED
		Last Closed		2023-08-11 21:11:33 UTC

Back to bug 2179138