Debian Security Advisory 4335-1

Debian Security Advisory 4335-1: Posted Nov 12, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4335-1 - Three vulnerabilities were discovered in Nginx, a high-performance web and reverse proxy server, which could in denial of service in processing HTTP/2 (via excessive memory/CPU usage) or server memory disclosure in the ngx_http_mp4_module module (used for server-side MP4 streaming).; tags | advisory, web, denial of service, vulnerability; systems | linux, debian; advisories | CVE-2018-16843, CVE-2018-16844, CVE-2018-16845; SHA-256 | 62738a0f3a1924f58af8ca8de7f560fafc42ea8de43136a5a020522b764a4454; Download | Favorite | View

Debian Security Advisory 4335-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4335-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 08, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nginx
CVE ID         : CVE-2018-16843 CVE-2018-16844 CVE-2018-16845

Three vulnerabilities were discovered in Nginx, a high-performance web
and reverse proxy server, which could in denial of service in processing
HTTP/2 (via excessive memory/CPU usage) or server memory disclosure in
the ngx_http_mp4_module module (used for server-side MP4 streaming).

For the stable distribution (stretch), these problems have been fixed in
version 1.10.3-1+deb9u2.

We recommend that you upgrade your nginx packages.

For the detailed security status of nginx please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nginx

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvkq1wACgkQEMKTtsN8
TjY+Sw//eT499ax9D25pWjbpRjjJQ+WG5m7xL3zoCJfWymNmQnsgiV7/gGbpOvAV
n6OG/Ckq946v0Du4YFiCDlkPY4P5WJR2/qnBNJPbFEcMssJJbuhpZCLAKSMFjm9A
2IZYGGHZDMGcEo9ZSEDJX/nViSpbN+Y8koTXX43ORizeKhmOWVY0Dm7gqm2DESti
CQ0EVQyMSqZisiZumoDjn0FrvkQnxvO4GONfYTUcsZf8z4yb03r7rzO/wDgu9JvU
8+L7cgMcq5TFT3LoZ/LvrJOv8GbMa5SUwqp84ePEZMtAH4NYFIyijOF05MKox7Pq
zRO/NTkoIQ7/mfz6dHFRl54Ac5iEGnjL7ksC6zL1rD+W2E+JXOnHUpRdmjQ7CvdA
/5GnyZSJbvD6D7/c5MBXU8r60ALXc75hiL8ibXM/LExll/vOw7++/7dDqMacSx4O
pQl+tduqW+55VMAyT7DKoM5+nZmq2805EH2P4W37uqE1UCh0eJkEK+bp3BLO2Adx
IJM1ujtt6Euyu3c1JzZADpiOAsATLxvh1qGxvHmUeXN0ODEYAnV2mgKtZxU8+W+Z
JrsrUTTzFKlmPQug7Bvx7CyZ6S/EQchjeD+Ni7W/HRtW7/eSoh0dntBjQUlg50yd
K2fAQq6MD37FTHAghC243ZqqcRJDoDXtKfvKm8Zt3ZUnX3XUqVg=3QLE
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Debian Security Advisory 4335-1

Debian Security Advisory 4335-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4335-1

Share This

Debian Security Advisory 4335-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems