Mercurial > hg > nginx-site

diff xml/en/security_advisories.xml @ 2416:eecb26e2c4ab
nginx-1.17.3, nginx-1.16.1
author: Maxim Dounin <mdounin@mdounin.ru>
date: Tue, 13 Aug 2019 20:00:02 +0300
parents: 626533759806
children: e35ed485070d
--- a/xml/en/security_advisories.xml	Tue Aug 13 19:01:32 2019 +0300
+++ b/xml/en/security_advisories.xml	Tue Aug 13 20:00:02 2019 +0300
@@ -24,6 +24,27 @@
 
 <security>
 
+<item name="Excessive CPU usage in HTTP/2 with small window updates"
+      severity="medium"
+      cve="2019-9511"
+      good="1.17.3+, 1.16.1+"
+      vulnerable="1.9.5-1.17.2">
+</item>
+
+<item name="Excessive CPU usage in HTTP/2 with priority changes"
+      severity="low"
+      cve="2019-9513"
+      good="1.17.3+, 1.16.1+"
+      vulnerable="1.9.5-1.17.2">
+</item>
+
+<item name="Excessive memory usage in HTTP/2 with zero length headers"
+      severity="low"
+      cve="2019-9516"
+      good="1.17.3+, 1.16.1+"
+      vulnerable="1.9.5-1.17.2">
+</item>
+
 <item name="Excessive memory usage in HTTP/2"
       severity="low"
       advisory="http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
author	Maxim Dounin <mdounin@mdounin.ru>
date	Tue, 13 Aug 2019 20:00:02 +0300
parents	626533759806
children	e35ed485070d