Oval Definition:oval:org.opensuse.security:def:68785
Revision Date:2020-12-01Version:1
Title:Security update for nginx (Important)
Description:

This update for nginx fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization (bsc#1145579). - CVE-2019-9513: Fixed a denial of service caused by resource loops (bsc#1145580). - CVE-2019-9516: Fixed a denial of service caused by header leaks (bsc#1145582). - CVE-2018-16845: Fixed denial of service and memory disclosure via mp4 module (bsc#1115015). - CVE-2018-16843: Fixed excessive memory consumption in HTTP/2 implementation (bsc#1115022). - CVE-2018-16844: Fixed excessive CPU usage via flaw in HTTP/2 implementation (bsc#1115025).
Family:unixClass:patch
Status:Reference(s):1027519
1115015
1115022
1115025
1134506
1145579
1145580
1145582
1155200
1157490
1160932
1165206
1167007
1167152
1168140
1168142
1168143
1169392
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
CVE-2020-11739
CVE-2020-11740
CVE-2020-11741
CVE-2020-11742
CVE-2020-11743
SUSE-SU-2019:2309-1
SUSE-SU-2020:1124-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • nginx-1.14.2-6.3 is installed
  • OR vim-plugin-nginx-1.14.2-6.3 is installed
    • BACK