From 891ab083c6d497db2f6adde7767b41e367ca8907 Mon Sep 17 00:00:00 2001
From: Bruno Paulino <contact@bpaulino.com>
Date: Wed, 24 Jan 2024 15:17:42 +0100
Subject: [PATCH] actix-http: Bump h2 to fix a resource exhaustion
 vulnerability (#3262)

Co-authored-by: Rob Ede <robjtede@icloud.com>
---
 actix-http/Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/actix-http/Cargo.toml b/actix-http/Cargo.toml
index 6c53f35cc..e7d50c313 100644
--- a/actix-http/Cargo.toml
+++ b/actix-http/Cargo.toml
@@ -89,7 +89,7 @@ tokio-util = { version = "0.7", features = ["io", "codec"] }
 tracing = { version = "0.1.30", default-features = false, features = ["log"] }
 
 # http2
-h2 = { version = "0.3.17", optional = true }
+h2 = { version = "0.3.24", optional = true }
 
 # websockets
 local-channel = { version = "0.1", optional = true }