From 4e782c9deb03b58923f22e930ba1c5a778fbe4a5 Mon Sep 17 00:00:00 2001
From: Anna Henningsen <anna@addaleax.net>
Date: Thu, 15 Aug 2019 14:33:33 +0200
Subject: http2: remove security revert flags
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

As the comment in `node_revert.h` indicates, the master branch should
not provide security revert flags.

Refs: https://github.com/nodejs/node/pull/29122

PR-URL: https://github.com/nodejs/node/pull/29141
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 src/node_revert.h | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'src/node_revert.h')

diff --git a/src/node_revert.h b/src/node_revert.h
index 66161c9c9b..0f0c32412e 100644
--- a/src/node_revert.h
+++ b/src/node_revert.h
@@ -16,13 +16,7 @@
 namespace node {
 
 #define SECURITY_REVERSIONS(XX)                                            \
-  XX(CVE_2019_9512, "CVE-2019-9512", "HTTP/2 Ping/Settings Flood")         \
-  XX(CVE_2019_9514, "CVE-2019-9514", "HTTP/2 Reset Flood")                 \
-  XX(CVE_2019_9516, "CVE-2019-9516", "HTTP/2 0-Length Headers Leak")       \
-  XX(CVE_2019_9518, "CVE-2019-9518", "HTTP/2 Empty DATA Frame Flooding")   \
 //  XX(CVE_2016_PEND, "CVE-2016-PEND", "Vulnerability Title")
-  // TODO(addaleax): Remove all of the above before Node.js 13 as the comment
-  // at the start of the file indicates.
 
 enum reversion {
 #define V(code, ...) SECURITY_REVERT_##code,
-- 
cgit v1.2.3