From 8bb4d5bfbd30255e8be6516bc741b5186d63841c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= <essen@ninenines.eu>
Date: Fri, 5 Apr 2024 22:07:50 +0200
Subject: Cowboy 2.12

---
 _build/content/articles/cowboy-2.12.0.asciidoc | 40 ++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 _build/content/articles/cowboy-2.12.0.asciidoc

(limited to '_build')

diff --git a/_build/content/articles/cowboy-2.12.0.asciidoc b/_build/content/articles/cowboy-2.12.0.asciidoc
new file mode 100644
index 00000000..4b267945
--- /dev/null
+++ b/_build/content/articles/cowboy-2.12.0.asciidoc
@@ -0,0 +1,40 @@
++++
+date = "2024-04-05T07:00:00+01:00"
+title = "Cowboy 2.12"
+
++++
+
+Cowboy `2.12.0` has been released!
+
+Cowboy 2.12 contains a fix for a security vulnerability
+in the HTTP/2 protocol implementation that has recently
+been made public:
+https://nowotarski.info/http2-continuation-flood/[HTTP/2 CONTINUATION Flood].
+
+Cowboy adds a new HTTP/2 option `max_fragmented_header_block_size`
+to control how much data is accepted in CONTINUATION
+frames before an error is triggered.
+
+Cowboy 2.12 was produced and released a few weeks ago,
+as a result of advance knowledge of this vulnerability.
+If you already upgraded, you are safe! If not, please
+upgrade as soon as possible.
+
+Both Cowboy and Cowlib must be upgraded. Cowlib 2.13
+has been produced for this fix. This is a minor release
+and not a patch release only because of the newly added
+option.
+
+Cowboy 2.12 requires Erlang/OTP 24.0 or greater.
+It is tested and supported on Linux, macOS and Windows.
+
+A complete
+list of changes can be found in the migration guide:
+https://ninenines.eu/docs/en/cowboy/2.12/guide/migrating_from_2.11/[Migrating from Cowboy 2.11 to 2.12].
+
+You can donate to this project via
+https://github.com/sponsors/essen[GitHub Sponsors].
+
+As usual, feedback is appreciated, and issues or
+questions should be sent via Github tickets or
+discussions. Thanks!
-- 
cgit v1.2.3