Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 2273:626533759806

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Advisory links.
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 06 Nov 2018 18:34:34 +0300
parents 3fa4584907b8
children eecb26e2c4ab
comparison
equal deleted inserted replaced
2272:3fa4584907b8 2273:626533759806
24 24
25 <security> 25 <security>
26 26
27 <item name="Excessive memory usage in HTTP/2" 27 <item name="Excessive memory usage in HTTP/2"
28 severity="low" 28 severity="low"
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
29 cve="2018-16843" 30 cve="2018-16843"
30 good="1.15.6+, 1.14.1+" 31 good="1.15.6+, 1.14.1+"
31 vulnerable="1.9.5-1.15.5"> 32 vulnerable="1.9.5-1.15.5">
32 </item> 33 </item>
33 34
34 <item name="Excessive CPU usage in HTTP/2" 35 <item name="Excessive CPU usage in HTTP/2"
35 severity="low" 36 severity="low"
37 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
36 cve="2018-16844" 38 cve="2018-16844"
37 good="1.15.6+, 1.14.1+" 39 good="1.15.6+, 1.14.1+"
38 vulnerable="1.9.5-1.15.5"> 40 vulnerable="1.9.5-1.15.5">
39 </item> 41 </item>
40 42
41 <item name="Memory disclosure in the ngx_http_mp4_module" 43 <item name="Memory disclosure in the ngx_http_mp4_module"
42 severity="medium" 44 severity="medium"
45 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"
43 cve="2018-16845" 46 cve="2018-16845"
44 good="1.15.6+, 1.14.1+" 47 good="1.15.6+, 1.14.1+"
45 vulnerable="1.1.3-1.15.5, 1.0.7-1.0.15"> 48 vulnerable="1.1.3-1.15.5, 1.0.7-1.0.15">
46 <patch name="patch.2018.mp4.txt" /> 49 <patch name="patch.2018.mp4.txt" />
47 </item> 50 </item>