Format: 1.8 Date: Tue, 06 Nov 2018 13:55:13 -0500 Source: nginx Binary: nginx nginx-doc nginx-common nginx-core nginx-core-dbg nginx-full nginx-full-dbg nginx-light nginx-light-dbg nginx-extras nginx-extras-dbg Architecture: i386 i386_translations Version: 1.10.3-0ubuntu0.16.04.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: nginx - small, powerful, scalable web/proxy server nginx-common - small, powerful, scalable web/proxy server - common files nginx-core - nginx web/proxy server (core version) nginx-core-dbg - nginx web/proxy server (core version) - debugging symbols nginx-doc - small, powerful, scalable web/proxy server - documentation nginx-extras - nginx web/proxy server (extended version) nginx-extras-dbg - nginx web/proxy server (extended version) - debugging symbols nginx-full - nginx web/proxy server (standard version) nginx-full-dbg - nginx web/proxy server (standard version) - debugging symbols nginx-light - nginx web/proxy server (basic version) nginx-light-dbg - nginx web/proxy server (basic version) - debugging symbols Changes: nginx (1.10.3-0ubuntu0.16.04.3) xenial-security; urgency=medium . * SECURITY UPDATE: excessive memory consumption in HTTP/2 implementation - debian/patches/CVE-2018-16843.patch: add flood detection in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h. - CVE-2018-16843 * SECURITY UPDATE: excessive CPU usage in HTTP/2 implementation - debian/patches/CVE-2018-16844-pre.patch: backport new http2_max_requests directive. - debian/patches/CVE-2018-16844.patch: limit the number of idle state switches in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h. - CVE-2018-16844 * SECURITY UPDATE: infinite loop in ngx_http_mp4_module - debian/patches/CVE-2018-16845.patch: fixed reading 64-bit atoms in src/http/modules/ngx_http_mp4_module.c. - CVE-2018-16845 Checksums-Sha1: c91fc70fb5b67c5dbec85d83c309e00d019390c3 3177022 nginx-core-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb f9c7e68e75d2a33c35c47308bd75fe456a54482b 1352 nginx-core-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb eec58cfa59e9b302494febf4fa3702c97721e17a 470760 nginx-core_1.10.3-0ubuntu0.16.04.3_i386.deb e19ba2c775005e983c1d197af29a0fc17be2fc03 5614570 nginx-extras-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 76a4385bb001ebf77b303cb47edfc15c60f0fb9e 1436 nginx-extras-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 68565bf457da12bc9c31fd7763b33966880ecc01 696444 nginx-extras_1.10.3-0ubuntu0.16.04.3_i386.deb b07802fff94115251d3527381da7f2d61a74b5f2 3610908 nginx-full-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb e0cad412d59d0911cd5a5d533fc9c4f4b99ec240 1350 nginx-full-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb aed318537bdaf169695d7ddb822c757eaffaf6b4 497694 nginx-full_1.10.3-0ubuntu0.16.04.3_i386.deb aa808a01fdd7c4b36d14ebb91b101be8840111e0 2297370 nginx-light-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb bb5c4875eada35d4f95f254df23e03c180e36f88 1144 nginx-light-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 56bc6ca575067cfbb3cebee440343391df592eb5 349040 nginx-light_1.10.3-0ubuntu0.16.04.3_i386.deb 758a688e1c4f0906c10801d8afa6568b1445065a 905 nginx_1.10.3-0ubuntu0.16.04.3_i386_translations.tar.gz Checksums-Sha256: 72b5652885e8c3eef2e541eb6703155a777d9fe4c0cc7cbc0656bbb8492b332a 3177022 nginx-core-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 273e8361b2e2dc1bb29d79bda867bfe9f2368a9c9ae62fc5dc72f4fdf1e7a012 1352 nginx-core-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb dd21b06c8b341f9dc3656ad41f23ed489dd794e209d0debf64b993107c07408c 470760 nginx-core_1.10.3-0ubuntu0.16.04.3_i386.deb 8283bc35af3806190b2b16ec8b47ad6a203d4c303e94c3b1885b5f0f733c4005 5614570 nginx-extras-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 2229490477f643b4cf29d4edb73610f7b38070cb0994512c620aaec464b46e22 1436 nginx-extras-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 7b315a16e4f76b1af4c324acbfccceeeb2472c30dcbc3fabc5447445e6e252a3 696444 nginx-extras_1.10.3-0ubuntu0.16.04.3_i386.deb da2398d6dd22787df2725c857b63018d665b2ee2529e635f61be5b6d5b3c54c1 3610908 nginx-full-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 534e612309a82bb7265bc4ae327ca7add228679e28c450df5c49d455cfc25f0c 1350 nginx-full-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb a5a7a24b34fe677d6d0d8a68935b38d85530906ccbe0301a15e593cc491e270f 497694 nginx-full_1.10.3-0ubuntu0.16.04.3_i386.deb 544be760039e9d4f5a2fa6f8bc707335a928cc4aa6c75d615b425e60566d9540 2297370 nginx-light-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 66312511439d14d50f33003973589f92c91e7448f2a7491ebcd87321d01d8f23 1144 nginx-light-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 5dbbdd0a966853851b04cf8cdd1ae52ec48f38a2f8f48b9ac47dfeb121ce67fe 349040 nginx-light_1.10.3-0ubuntu0.16.04.3_i386.deb a861734182e371507b8668ac510275ca72164a17bc75d6a3abb142736d0c6b71 905 nginx_1.10.3-0ubuntu0.16.04.3_i386_translations.tar.gz Files: 0aab76a9bf5ff7426d4e8d443526fd3a 3177022 debug extra nginx-core-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb a316507c5cf7fad87d916d634d42a0d4 1352 httpd extra nginx-core-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 5aabdbeb04c8c7521952876348b5dabe 470760 httpd optional nginx-core_1.10.3-0ubuntu0.16.04.3_i386.deb e3196bd0312ee26842d0cb34442bc4d9 5614570 debug extra nginx-extras-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb ddfd04a1f98abf50e68adfaa51b831d0 1436 httpd extra nginx-extras-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb ea7dbf955188bb2aa3022876fdf647a2 696444 httpd extra nginx-extras_1.10.3-0ubuntu0.16.04.3_i386.deb 3196b72937cb57635e53d2f2889ef04a 3610908 debug extra nginx-full-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 7165bcdc6599e0ab4039ef42241f0f3a 1350 httpd extra nginx-full-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 95f77711bdb30a21ce3520d43f0c85e9 497694 httpd optional nginx-full_1.10.3-0ubuntu0.16.04.3_i386.deb c3bac5aecce62f4e1833af0d44139270 2297370 debug extra nginx-light-dbg_1.10.3-0ubuntu0.16.04.3_i386.deb 4bfb461d40d3d7fe2a52b998c72b0035 1144 httpd extra nginx-light-dbgsym_1.10.3-0ubuntu0.16.04.3_i386.ddeb 5e6b4c53bd49d0361d21ca6deda2ef9e 349040 httpd extra nginx-light_1.10.3-0ubuntu0.16.04.3_i386.deb 1313e7519c451d8f6f8d31c54f83cdba 905 raw-translations - nginx_1.10.3-0ubuntu0.16.04.3_i386_translations.tar.gz Original-Maintainer: Kartik Mistry