Summary: | <www-servers/nginx-{1.14.1,1.15.6}: multiple vulnerabilities (CVE-2018-{16843,16844,16845}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Vlad K. <vk-gentoo-bugs> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | dev-zero, whissi |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa] | ||
Package list: |
www-servers/nginx-1.14.1
|
Runtime testing required: | --- |
Description
Vlad K.
2018-11-06 15:39:46 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=931ea67612c9eb3f435cdf42b3401181e40e6bce commit 931ea67612c9eb3f435cdf42b3401181e40e6bce Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2018-11-06 16:03:49 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2018-11-06 16:04:06 +0000 www-servers/nginx: bump to v1.14.1 stable - nginScript module bumped to v0.2.5 - HTTP VHost Traffic Status module bumped to commit 46d85558e344dfe - brotli module bumped to commit 8104036af9cff Bug: https://bugs.gentoo.org/670496 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-servers/nginx/Manifest | 1 + www-servers/nginx/nginx-1.14.1.ebuild | 1081 +++++++++++++++++++++++++++++++++ 2 files changed, 1082 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=395959f0a2392993b260566a518de96f16d66daf commit 395959f0a2392993b260566a518de96f16d66daf Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2018-11-06 15:58:12 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2018-11-06 16:04:04 +0000 www-servers/nginx: bump to v1.15.6 mainline - nginScript module bumped to v0.2.5 - brotli module bumped to commit 8104036af9cff Bug: https://bugs.gentoo.org/670496 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-servers/nginx/Manifest | 3 + .../nginx/files/http_brotli-detect-brotli-r2.patch | 30 + www-servers/nginx/nginx-1.15.6.ebuild | 1081 ++++++++++++++++++++ 3 files changed, 1114 insertions(+) Note that comment #0 is a copy from upstream advisories. Gentoo has set USE=+http2 by default for example. @ Arches, please test and mark stable: =www-servers/nginx-1.14.1 amd64 stable x86 stable GLSA Vote: No! Repository is clean, all done. |