1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2018-7c540fdab4

[FEDORA-2018-7c540fdab4] Fedora 29: nginx

Severity High
Affected Packages 1
CVEs 3
Info Packages References Vulnerabilities

Security fix for CVE-2018-16843, CVE-2018-16844, CVE-2018-16845 + nginx rebase
to 1.14.1. ---- New version 1.14.1

Package Affected Version
pkg:rpm/fedora/nginx?distro=fedora-29 < 1.14.1.2.fc29
ID
FEDORA-2018-7c540fdab4
Severity
high
Severity from
CVE-2018-16843
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2018-7c540fdab4
Published
2018-11-24T02:29:55
(5 years ago)
Modified
2018-11-24T02:29:55
(5 years ago)
Rights
Copyright 2018 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 1647258 Bug #1647258 - CVE-2018-16844 nginx: Excessive CPU usage via flaw in HTTP/2 implementation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1647258
Bugzilla 1647259 Bug #1647259 - CVE-2018-16843 nginx: Excessive memory consumption via flaw in HTTP/2 implementation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1647259
Bugzilla 1584426 Bug #1584426 - Upstream Nginx 1.14.0 is now available https://bugzilla.redhat.com/show_bug.cgi?id=1584426
Bugzilla 1647255 Bug #1647255 - CVE-2018-16845 nginx: Denial of service and memory disclosure via mp4 module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1647255
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/nginx?distro=fedora-29 fedora nginx < 1.14.1.2.fc29 fedora-29
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date