aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2019-07-23T11:18:44Z
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9660
[3.7] nginx: Multiple vulnerabilities (CVE-2018-16843, CVE-2018-16844, CVE-20...
2019-07-23T11:18:44Z
Alicha CH
[3.7] nginx: Multiple vulnerabilities (CVE-2018-16843, CVE-2018-16844, CVE-2018-16845)
CVE-2018-16843: Excessive memory consumption via flaw in HTTP/2 implementation
------------------------------------------------------------------------------
### Affected Versions:
nginx 1.9.5 - 1.15.5.
### Fixed In Version:
nginx 1....
CVE-2018-16843: Excessive memory consumption via flaw in HTTP/2 implementation
------------------------------------------------------------------------------
### Affected Versions:
nginx 1.9.5 - 1.15.5.
### Fixed In Version:
nginx 1.15.6, nginx 1.14.1
### Reference:
http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
### Patch:
http://hg.nginx.org/nginx/rev/1c6b6163c039
CVE-2018-16844: Excessive CPU usage via flaw in HTTP/2 implementation
---------------------------------------------------------------------
### Affected Versions:
nginx 1.9.5 - 1.15.5.
### Fixed In Version:
nginx 1.15.6, nginx 1.14.1
### Reference:
http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
### Patch:
http://hg.nginx.org/nginx/rev/9200b41db765
CVE-2018-16845: Denial of service and memory disclosure via mp4 module
----------------------------------------------------------------------
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the mp4
module that allows
for denial of service or worker process memory disclosure.
### Fixed In Version:
nginx 1.15.6, nginx 1.14.1
### Reference:
http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
### Patch:
http://nginx.org/download/patch.2018.mp4.txt
*(from redmine: issue id 9660, created on 2018-11-21, closed on 2018-11-22)*
* Relations:
* parent #9659
3.7.2
Jakub Jirutka
Jakub Jirutka