Mercurial > hg > nginx-site
diff xml/en/security_advisories.xml @ 2272:3fa4584907b8
nginx-1.15.6, nginx-1.14.1
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 06 Nov 2018 17:51:30 +0300 |
parents | cf8d95bfcf72 |
children | 626533759806 |
line wrap: on
line diff
--- a/xml/en/security_advisories.xml Wed Oct 31 20:56:02 2018 +0300 +++ b/xml/en/security_advisories.xml Tue Nov 06 17:51:30 2018 +0300 @@ -24,6 +24,28 @@ <security> +<item name="Excessive memory usage in HTTP/2" + severity="low" + cve="2018-16843" + good="1.15.6+, 1.14.1+" + vulnerable="1.9.5-1.15.5"> +</item> + +<item name="Excessive CPU usage in HTTP/2" + severity="low" + cve="2018-16844" + good="1.15.6+, 1.14.1+" + vulnerable="1.9.5-1.15.5"> +</item> + +<item name="Memory disclosure in the ngx_http_mp4_module" + severity="medium" + cve="2018-16845" + good="1.15.6+, 1.14.1+" + vulnerable="1.1.3-1.15.5, 1.0.7-1.0.15"> +<patch name="patch.2018.mp4.txt" /> +</item> + <item name="Integer overflow in the range filter" severity="medium" advisory="http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html"