Oval Definition:oval:org.opensuse.security:def:98658
Revision Date:2019-09-05Version:1
Title:Security update for nginx (Important)
Description:

This update for nginx fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization (bsc#1145579). - CVE-2019-9513: Fixed a denial of service caused by resource loops (bsc#1145580). - CVE-2019-9516: Fixed a denial of service caused by header leaks (bsc#1145582). - CVE-2018-16845: Fixed denial of service and memory disclosure via mp4 module (bsc#1115015). - CVE-2018-16843: Fixed excessive memory consumption in HTTP/2 implementation (bsc#1115022). - CVE-2018-16844: Fixed excessive CPU usage via flaw in HTTP/2 implementation (bsc#1115025).
Family:unixClass:patch
Status:Reference(s):1115015
1115022
1115025
1145579
1145580
1145582
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
SUSE-SU-2019:2309-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • nginx-1.14.2-6.3.1 is installed
  • OR nginx-source-1.14.2-6.3.1 is installed
    • BACK