Mercurial > hg > nginx-site

diff text/en/CHANGES-1.14 @ 2272:3fa4584907b8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.15.6, nginx-1.14.1
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 06 Nov 2018 17:51:30 +0300
parents a226918def86
children 921102d620e9
line wrap: on
line diff
--- a/text/en/CHANGES-1.14	Wed Oct 31 20:56:02 2018 +0300
+++ b/text/en/CHANGES-1.14	Tue Nov 06 17:51:30 2018 +0300
@@ -1,4 +1,17 @@
 
+Changes with nginx 1.14.1                                        06 Nov 2018
+
+    *) Security: when using HTTP/2 a client might cause excessive memory
+       consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
+
+    *) Security: processing of a specially crafted mp4 file with the
+       ngx_http_mp4_module might result in worker process memory disclosure
+       (CVE-2018-16845).
+
+    *) Bugfix: working with gRPC backends might result in excessive memory
+       consumption.
+
+
 Changes with nginx 1.14.0                                        17 Apr 2018
 
     *) 1.14.x stable branch.