Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 2898:0b7e004b5061

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.23.2, nginx-1.22.1
author Maxim Dounin <mdounin@mdounin.ru>
date Wed, 19 Oct 2022 11:26:47 +0300
parents 0456ea786ef6
children f961e8a01053
comparison
equal deleted inserted replaced
2897:3f5e91af4a52 2898:0b7e004b5061
21 Patches are signed using one of the 21 Patches are signed using one of the
22 <link doc="pgp_keys.xml">PGP public keys</link>. 22 <link doc="pgp_keys.xml">PGP public keys</link>.
23 </para> 23 </para>
24 24
25 <security> 25 <security>
26
27 <item name="Memory corruption in the ngx_http_mp4_module"
28 severity="medium"
29 cve="2022-41741"
30 good="1.23.2+, 1.22.1+"
31 vulnerable="1.1.3-1.23.1, 1.0.7-1.0.15">
32 <patch name="patch.2022.mp4.txt" />
33 </item>
34
35 <item name="Memory disclosure in the ngx_http_mp4_module"
36 severity="medium"
37 cve="2022-41742"
38 good="1.23.2+, 1.22.1+"
39 vulnerable="1.1.3-1.23.1, 1.0.7-1.0.15">
40 <patch name="patch.2022.mp4.txt" />
41 </item>
26 42
27 <item name="1-byte memory overwrite in resolver" 43 <item name="1-byte memory overwrite in resolver"
28 severity="medium" 44 severity="medium"
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html" 45 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html"
30 cve="2021-23017" 46 cve="2021-23017"