Source: nginx Version: 1.10.3-1 Severity: important Tags: security upstream Control: found -1 1.10.3-1+deb9u1 Control: found -1 1.14.0-1
Hi, The following vulnerabilities were published for nginx. CVE-2018-16843[0]: Excessive memory usage in HTTP/2 CVE-2018-16844[1]: Excessive CPU usage in HTTP/2 CVE-2018-16845[2]: Memory disclosure in the ngx_http_mp4_module If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-16843 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843 [1] https://security-tracker.debian.org/tracker/CVE-2018-16844 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844 [2] https://security-tracker.debian.org/tracker/CVE-2018-16845 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845 Regards, Salvatore
