- Fix CVE‑2021‑22883: HTTP/2 unknownProtocol DoS via resource exhaustion
- Fix CVE‑2021‑22884: DNS‑rebinding bypass using "localhost6" in inspector whitelist
- Update OpenSSL to 1.1.1j (CVE‑2021‑23840 integer overflow) and add unknownProtocol timeout while dropping localhost6 from allowed hosts
Community impact
Community ratings: 0 Useful, 0 Noise, 0 Risky, 0 Broke, 0 Try.