FEDORA-2018-7c540fdab4 created by luhliarik a year ago for Fedora 29
stable

Security fix for CVE-2018-16843, CVE-2018-16844, CVE-2018-16845 + nginx rebase to 1.14.1.


New version 1.14.1

Logout Required
After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-7c540fdab4
This update has been submitted for testing by luhliarik. a year ago
This update has obsoleted [nginx-1.14.1-1.fc29](https://bodhi.fedoraproject.org/updates/FEDORA-2018-f3c7598d83), and has inherited its bugs and notes. a year ago
This update has been pushed to testing. a year ago
User Icon lnie commented & provided feedback a year ago
karma

works as usual

User Icon davisclick commented & provided feedback a year ago
karma

Works as usual.

User Icon jdoss commented & provided feedback a year ago
karma

Looks good to me!

BZ#1584426 Upstream Nginx 1.14.0 is now available
This update has been submitted for batched by bodhi. a year ago
User Icon lbazan provided feedback a year ago
karma
BZ#1584426 Upstream Nginx 1.14.0 is now available
This update has been submitted for stable by bodhi. a year ago
User Icon sedrubal commented & provided feedback a year ago
karma

I've tested it on several setups and it works fine. Thanks for the update.

BZ#1584426 Upstream Nginx 1.14.0 is now available
This update has been pushed to stable. a year ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
5
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1584426 Upstream Nginx 1.14.0 is now available
0
3
BZ#1647255 CVE-2018-16845 nginx: Denial of service and memory disclosure via mp4 module [fedora-all]
0
0
BZ#1647258 CVE-2018-16844 nginx: Excessive CPU usage via flaw in HTTP/2 implementation [fedora-all]
0
0
BZ#1647259 CVE-2018-16843 nginx: Excessive memory consumption via flaw in HTTP/2 implementation [fedora-all]
0
0

Automated Test Results