Upstream has fixed 3 issues https://nginx.org/en/CHANGES-1.16 https://nginx.org/en/CHANGES
CVE: (none) => CVE-2019-9511, CVE-2019-9513, CVE-2019-9516Whiteboard: (none) => MGA7TOO
Nginx updated to 1.17.3 for Cauldron
Whiteboard: MGA7TOO => (none)Version: Cauldron => 7Source RPM: nginx-1.17.2-1.mga8.src.rpm => nginx-1.16.0-1.mga7.src.rpm
Advisory ======== When using HTTP/2 a client might cause excessive memory consumption and CPU usage (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516). References ========== https://nginx.org/en/CHANGES-1.16 Files ===== Uploaded to core/updates_testing nginx-1.16.1-1.mga7 from nginx-1.16.1-1.mga7.src.rpm
Assignee: smelror => qa-bugs
Ubuntu has issued an advisory for this on August 15: https://usn.ubuntu.com/4099-1/ Mageia 6 is also affected.
CC: (none) => qa-bugsWhiteboard: (none) => MGA6TOOAssignee: qa-bugs => smelror
Severity: normal => major
Debian has issued an advisory for this on August 22: https://www.debian.org/security/2019/dsa-4505
Assignee: smelror => qa-bugsCC: qa-bugs => smelrorWhiteboard: MGA6TOO => (none)
MGA7-64 Plasma on Lenovo B50 No installation issues Followed procedure as per bug 13044: # systemctl stop httpd # nginx then point browser at http://localhost/ and get in the page: "Welcome to nginx 1.6.2 on Mageia!" OK for me.
Whiteboard: (none) => MGA7-64-OKCC: (none) => herman.viaene
Valdating. Advisory in Comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0342.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED