Accepted nginx 1.6.2-5+deb8u6 (source all amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 08 Nov 2018 18:32:42 +0100
Source: nginx
Binary: nginx nginx-doc nginx-common nginx-full nginx-full-dbg nginx-light nginx-light-dbg nginx-extras nginx-extras-dbg
Architecture: source all amd64
Version: 1.6.2-5+deb8u6
Distribution: jessie-security
Urgency: high
Maintainer: Kartik Mistry <kartik@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
nginx - small, powerful, scalable web/proxy server
nginx-common - small, powerful, scalable web/proxy server - common files
nginx-doc - small, powerful, scalable web/proxy server - documentation
nginx-extras - nginx web/proxy server (extended version)
nginx-extras-dbg - nginx web/proxy server (extended version) - debugging symbols
nginx-full - nginx web/proxy server (standard version)
nginx-full-dbg - nginx web/proxy server (standard version) - debugging symbols
nginx-light - nginx web/proxy server (basic version)
nginx-light-dbg - nginx web/proxy server (basic version) - debugging symbols
Closes: 913090
Changes:
nginx (1.6.2-5+deb8u6) jessie-security; urgency=high
.
* CVE-2018-16845: Prevent a denial of service vulnerability due to an integer
underflow whilst calculating an MP4 header sizes. Previously, there was no
validation for the size of a 64-bit atom in an MP4 file. This could lead to
a CPU hog when the size is 0 or various other problems due to integer
underflow when the calculating atom data size, including segmentation
faults or even worker-process memory disclosure. (Closes: #913090)
Checksums-Sha1:
d76b68ba2e6be79d34a1ee35d63cae2304627be5 2965 nginx_1.6.2-5+deb8u6.dsc
d4449b9a64cef46910de0768ab00689535898afb 612388 nginx_1.6.2-5+deb8u6.debian.tar.xz
58cfe8fc43cfd0bf359de0da52e968685152c8a4 72930 nginx_1.6.2-5+deb8u6_all.deb
2c30a93f505c8faced56e84760cd7ce2ca78c272 84462 nginx-doc_1.6.2-5+deb8u6_all.deb
44bca1d211ab60366e3aca410bdb3ede9cc31a05 88432 nginx-common_1.6.2-5+deb8u6_all.deb
83a937edd77f1416b46f3383812e4fd1e7a374fe 430636 nginx-full_1.6.2-5+deb8u6_amd64.deb
616d2c8413b01f6d156209b78dfa38bb1cb4465b 3141082 nginx-full-dbg_1.6.2-5+deb8u6_amd64.deb
0625df7a9f0557467c879e2261d37ab57b798d16 333208 nginx-light_1.6.2-5+deb8u6_amd64.deb
60346d46eaca45b80f72ecf13d61d56c8b022e57 2180344 nginx-light-dbg_1.6.2-5+deb8u6_amd64.deb
77744bcbb5fc160760aef995eefa77002a8fb314 595672 nginx-extras_1.6.2-5+deb8u6_amd64.deb
9f9f627ca7a12e3a1068a8ec0822b199aaa55bcf 4982726 nginx-extras-dbg_1.6.2-5+deb8u6_amd64.deb
Checksums-Sha256:
a15d73caaacf84468621470a57060c9f4b102fd2a6336774c2d71c1e88afc8a1 2965 nginx_1.6.2-5+deb8u6.dsc
2169161049dde243df3047206d3bb4651bc79d017d83a5b49820d27df8f2aafd 612388 nginx_1.6.2-5+deb8u6.debian.tar.xz
9d4af585935db68a1640a3931c2d53e9647c54e6c5cfb8a08a73c6e91bf25090 72930 nginx_1.6.2-5+deb8u6_all.deb
d6369c10136192adf86234e5d7303b6f6474cc895ebf82481d5f67e97ff76333 84462 nginx-doc_1.6.2-5+deb8u6_all.deb
89c6d4c4c66023a91ff7e3677f20d06931404e7881231920397bd15b5cf4e6cd 88432 nginx-common_1.6.2-5+deb8u6_all.deb
4c8e61f56fe0af4d301570d577f8747d3e943837a872c3bee85d2603d03400d1 430636 nginx-full_1.6.2-5+deb8u6_amd64.deb
202db8bc816c1243daf914d465b2e4a6b87b43ab4f6bfeb62910539284b1dbdd 3141082 nginx-full-dbg_1.6.2-5+deb8u6_amd64.deb
96af472d823ce5a3aaa51d0c2461f0722330c65874c65ee51a835d0bc00ab78a 333208 nginx-light_1.6.2-5+deb8u6_amd64.deb
492eb2e175a2f915a73e15b00f1052d33cfc11bd8bfff2f073cec6c7bf8e1ee2 2180344 nginx-light-dbg_1.6.2-5+deb8u6_amd64.deb
82a6d7a5c8c89ee942418801ef04cf40cc7722c758b9e6d6363d76bd9945a941 595672 nginx-extras_1.6.2-5+deb8u6_amd64.deb
8f42c2f7a0127a99b1fbd59e16eb94fe67393f70dd41c403822367b6f29a33a9 4982726 nginx-extras-dbg_1.6.2-5+deb8u6_amd64.deb
Files:
af95f140c6fa3e1b6c607ed82c3e357a 2965 httpd optional nginx_1.6.2-5+deb8u6.dsc
2b0702d3936161e63ecd31756a854b54 612388 httpd optional nginx_1.6.2-5+deb8u6.debian.tar.xz
393b4c0ee526cccdfd2aa71e3cefe93b 72930 httpd optional nginx_1.6.2-5+deb8u6_all.deb
a7e2bbe3d7cc41bd7e12e87530d601db 84462 doc optional nginx-doc_1.6.2-5+deb8u6_all.deb
08022ce8cf0fcf28361ef42db1987835 88432 httpd optional nginx-common_1.6.2-5+deb8u6_all.deb
d27bce75c268c615af62ca017631108b 430636 httpd optional nginx-full_1.6.2-5+deb8u6_amd64.deb
a37bc1e9ee13e4c9716f03e85b7e6863 3141082 debug extra nginx-full-dbg_1.6.2-5+deb8u6_amd64.deb
0530f440fa78c3affcff328e6c607337 333208 httpd extra nginx-light_1.6.2-5+deb8u6_amd64.deb
7e1b2743659d4b3a6943469367063ba9 2180344 debug extra nginx-light-dbg_1.6.2-5+deb8u6_amd64.deb
d77b914dc03237cc391c0a0c322af905 595672 httpd extra nginx-extras_1.6.2-5+deb8u6_amd64.deb
9dcf19b726bc1903de6b210980b538a8 4982726 debug extra nginx-extras-dbg_1.6.2-5+deb8u6_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlvkd+YACgkQHpU+J9Qx
Hljg5w/8CnVlebKXv3jWa/OYbFJyAAxR3DJAG4ubFy/mOYz/eQaBxkVE1rDnO65K
OdqYkSd4m8F9D9+v+vJpCwq5STzdmyZBeXJWUMc3+mVlRrqr0QFiFiPI85SRSxyr
kC0kFt65xTzQ8T4sF+BnGkD8DA+XCFfyzhGtDtOe7L3ktODVwrgC73jAPcXG4hrC
yzQXcMTZo6YDO7Nk/jkhhwuSaRgjAWqVjeBDGQ3b4+x2Dyxnta8STEoEE1l+oimd
JN91XRT8fYRaaHKy5Dp9aD1nD1bXhNSL9SIwhhcpdb4wmLP8zX2FO4+bHcNrDN17
Zths6Qzl1zzI2XkwK0EbZ/4KekypkGe/0EbEdWU86RrYbS2alvRi3cEZlWwEB9GH
2Tpfc0lblgvUAjNoSxGSnNt1U+ArYujepNuWXJH3PO0LaT/wumUTBjPe6x7XwdF2
vBKw6zXF8Gs7cV9xTh+JuHqL+orQxPMAEuNCPpJ4Ju0A/56V3LSgbdbExAG6XRbE
3Nw+KPFKyGy2N+xpsI185fCfN3WwqSggM8vyaZAgbjL1G3ivqYvzUbxQbVPcQzTP
Jii9qmU3CWUi2VUuVXxshJhe4RDm8yntD85BoeYCixAZHhBNIbWgNEusx5hWBBRA
HZxmdjIo7hD1UshTL9iC7EpeU1489ADm1S1GmY3Z6+foT3vz/PM=
=+THS
-----END PGP SIGNATURE-----