-
Wed Dec 16 2020 Darren Archibald <darren.archibald@oracle.com> - 1:1.16.1-1.0.1.1
- Remove Red Hat references [Orabug: 29498217]
-
Tue Nov 24 2020 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1.1
- Resolves: #1898952 - CVE 2019-20372 nginx:1.16/nginx: HTTP request smuggling
via error pages in http/ngx_http_special_response.c
-
Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1
- update to 1.16.1
- Resolves: #1745697 - CVE-2019-9511 nginx:1.16/nginx: HTTP/2: large amount
of data request leads to denial of service
- Resolves: #1745690 - CVE-2019-9513 nginx:1.16/nginx: HTTP/2: flood using
PRIORITY frames resulting in excessive resource consumption
- Resolves: #1745645 - CVE-2019-9516 nginx:1.16/nginx: HTTP/2: 0-length
headers leads to denial of service
-
Wed Jun 26 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.0-2
- Resolves: #1718929 - ssl_protocols config option has faulty behavior
in nginx:1.16
-
Mon May 06 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.0-1
- new version 1.16.0
- enable ngx_stream_ssl_preread module
- main package does NOT require all-modules package
-
Wed Dec 12 2018 Lubos Uhliarik <luhliari@redhat.com> - 1:1.14.1-8
- enable TLS 1.3 by default (#1643647)
- TLSv1.0 and TLSv1.1 can be enabled now (#1644746)
-
Tue Dec 11 2018 Joe Orton <jorton@redhat.com> - 1:1.14.1-3
- fix unexpanded paths in nginx(8) (#1643069)
-
Mon Dec 03 2018 Lubos Uhliarik <luhliari@redhat.com> - 1:1.14.1-2
- Resolves: #1655530 - Hardening tests fail for nginx
-
Mon Nov 19 2018 Lubos Uhliarik <luhliari@redhat.com> - 1:1.14.1-1
- new version 1.14.1
- Resolves: #1647257 - CVE-2018-16845 nginx: Denial of service and
memory disclosure via mp4 module
- Resolves: #1647262 - CVE-2018-16844 nginx: Excessive CPU usage
via flaw in HTTP/2 implementation
- Resolves: #1647263 - CVE-2018-16843 nginx: Excessive memory consumption
via flaw in HTTP/2 implementation
-
Wed Aug 08 2018 Joe Orton <jorton@redhat.com> - 1:1.14.0-3
- fix PKCS#11 support (Anderson Sasaki, #1545526)