fbiville/summary.md

## summary.md

      
    Raw
  

              summary.md
            
          
    HTTP/2 vulnerabilities

https://www.kb.cert.org/vuls/id/605641/
Java

gRPC

1.23.0 - https://github.com/grpc/grpc-java/releases/tag/v1.23.0
Netty

4.1.39.Final - https://netty.io/news/2019/08/13/4-1-39-Final.html
-> release 0.8.11.RELEASE of reactor-netty yet
	-> release 2.1.8 spring-boot-starter-reactor-netty
		-> release 2.1.8 spring-boot-starter-webflux

Node

Version must be at the very least :

https://github.com/nodejs/node/releases/tag/v12.8.1 OR
https://github.com/nodejs/node/releases/tag/v10.16.3 OR
https://github.com/nodejs/node/releases/tag/v8.16.1

gRPC

???
expressjs

???
CF builpack

https://github.com/cloudfoundry/node-engine-cnb/releases/tag/v0.0.42 contains safe releases
(10.16.2 and 8.16.0 will not be picked up unless the app specifically requests the oldest patch).
First releases with all the fixes is https://github.com/cloudfoundry/node-engine-cnb/releases/tag/v0.0.37.