Debian Package Tracker

From: Chris Lamb <lamby@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted nginx 1.6.2-5+deb8u6 (source all amd64) into oldstable
Date: Thu, 08 Nov 2018 18:00:27 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 08 Nov 2018 18:32:42 +0100
Source: nginx
Binary: nginx nginx-doc nginx-common nginx-full nginx-full-dbg nginx-light nginx-light-dbg nginx-extras nginx-extras-dbg
Architecture: source all amd64
Version: 1.6.2-5+deb8u6
Distribution: jessie-security
Urgency: high
Maintainer: Kartik Mistry <kartik@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
 nginx      - small, powerful, scalable web/proxy server
 nginx-common - small, powerful, scalable web/proxy server - common files
 nginx-doc  - small, powerful, scalable web/proxy server - documentation
 nginx-extras - nginx web/proxy server (extended version)
 nginx-extras-dbg - nginx web/proxy server (extended version) - debugging symbols
 nginx-full - nginx web/proxy server (standard version)
 nginx-full-dbg - nginx web/proxy server (standard version) - debugging symbols
 nginx-light - nginx web/proxy server (basic version)
 nginx-light-dbg - nginx web/proxy server (basic version) - debugging symbols
Closes: 913090
Changes:
 nginx (1.6.2-5+deb8u6) jessie-security; urgency=high
 .
   * CVE-2018-16845: Prevent a denial of service vulnerability due to an integer
     underflow whilst calculating an MP4 header sizes. Previously, there was no
     validation for the size of a 64-bit atom in an MP4 file. This could lead to
     a CPU hog when the size is 0 or various other problems due to integer
     underflow when the calculating atom data size, including segmentation
     faults or even worker-process memory disclosure. (Closes: #913090)
Checksums-Sha1:
 d76b68ba2e6be79d34a1ee35d63cae2304627be5 2965 nginx_1.6.2-5+deb8u6.dsc
 d4449b9a64cef46910de0768ab00689535898afb 612388 nginx_1.6.2-5+deb8u6.debian.tar.xz
 58cfe8fc43cfd0bf359de0da52e968685152c8a4 72930 nginx_1.6.2-5+deb8u6_all.deb
 2c30a93f505c8faced56e84760cd7ce2ca78c272 84462 nginx-doc_1.6.2-5+deb8u6_all.deb
 44bca1d211ab60366e3aca410bdb3ede9cc31a05 88432 nginx-common_1.6.2-5+deb8u6_all.deb
 83a937edd77f1416b46f3383812e4fd1e7a374fe 430636 nginx-full_1.6.2-5+deb8u6_amd64.deb
 616d2c8413b01f6d156209b78dfa38bb1cb4465b 3141082 nginx-full-dbg_1.6.2-5+deb8u6_amd64.deb
 0625df7a9f0557467c879e2261d37ab57b798d16 333208 nginx-light_1.6.2-5+deb8u6_amd64.deb
 60346d46eaca45b80f72ecf13d61d56c8b022e57 2180344 nginx-light-dbg_1.6.2-5+deb8u6_amd64.deb
 77744bcbb5fc160760aef995eefa77002a8fb314 595672 nginx-extras_1.6.2-5+deb8u6_amd64.deb
 9f9f627ca7a12e3a1068a8ec0822b199aaa55bcf 4982726 nginx-extras-dbg_1.6.2-5+deb8u6_amd64.deb
Checksums-Sha256:
 a15d73caaacf84468621470a57060c9f4b102fd2a6336774c2d71c1e88afc8a1 2965 nginx_1.6.2-5+deb8u6.dsc
 2169161049dde243df3047206d3bb4651bc79d017d83a5b49820d27df8f2aafd 612388 nginx_1.6.2-5+deb8u6.debian.tar.xz
 9d4af585935db68a1640a3931c2d53e9647c54e6c5cfb8a08a73c6e91bf25090 72930 nginx_1.6.2-5+deb8u6_all.deb
 d6369c10136192adf86234e5d7303b6f6474cc895ebf82481d5f67e97ff76333 84462 nginx-doc_1.6.2-5+deb8u6_all.deb
 89c6d4c4c66023a91ff7e3677f20d06931404e7881231920397bd15b5cf4e6cd 88432 nginx-common_1.6.2-5+deb8u6_all.deb
 4c8e61f56fe0af4d301570d577f8747d3e943837a872c3bee85d2603d03400d1 430636 nginx-full_1.6.2-5+deb8u6_amd64.deb
 202db8bc816c1243daf914d465b2e4a6b87b43ab4f6bfeb62910539284b1dbdd 3141082 nginx-full-dbg_1.6.2-5+deb8u6_amd64.deb
 96af472d823ce5a3aaa51d0c2461f0722330c65874c65ee51a835d0bc00ab78a 333208 nginx-light_1.6.2-5+deb8u6_amd64.deb
 492eb2e175a2f915a73e15b00f1052d33cfc11bd8bfff2f073cec6c7bf8e1ee2 2180344 nginx-light-dbg_1.6.2-5+deb8u6_amd64.deb
 82a6d7a5c8c89ee942418801ef04cf40cc7722c758b9e6d6363d76bd9945a941 595672 nginx-extras_1.6.2-5+deb8u6_amd64.deb
 8f42c2f7a0127a99b1fbd59e16eb94fe67393f70dd41c403822367b6f29a33a9 4982726 nginx-extras-dbg_1.6.2-5+deb8u6_amd64.deb
Files:
 af95f140c6fa3e1b6c607ed82c3e357a 2965 httpd optional nginx_1.6.2-5+deb8u6.dsc
 2b0702d3936161e63ecd31756a854b54 612388 httpd optional nginx_1.6.2-5+deb8u6.debian.tar.xz
 393b4c0ee526cccdfd2aa71e3cefe93b 72930 httpd optional nginx_1.6.2-5+deb8u6_all.deb
 a7e2bbe3d7cc41bd7e12e87530d601db 84462 doc optional nginx-doc_1.6.2-5+deb8u6_all.deb
 08022ce8cf0fcf28361ef42db1987835 88432 httpd optional nginx-common_1.6.2-5+deb8u6_all.deb
 d27bce75c268c615af62ca017631108b 430636 httpd optional nginx-full_1.6.2-5+deb8u6_amd64.deb
 a37bc1e9ee13e4c9716f03e85b7e6863 3141082 debug extra nginx-full-dbg_1.6.2-5+deb8u6_amd64.deb
 0530f440fa78c3affcff328e6c607337 333208 httpd extra nginx-light_1.6.2-5+deb8u6_amd64.deb
 7e1b2743659d4b3a6943469367063ba9 2180344 debug extra nginx-light-dbg_1.6.2-5+deb8u6_amd64.deb
 d77b914dc03237cc391c0a0c322af905 595672 httpd extra nginx-extras_1.6.2-5+deb8u6_amd64.deb
 9dcf19b726bc1903de6b210980b538a8 4982726 debug extra nginx-extras-dbg_1.6.2-5+deb8u6_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlvkd+YACgkQHpU+J9Qx
Hljg5w/8CnVlebKXv3jWa/OYbFJyAAxR3DJAG4ubFy/mOYz/eQaBxkVE1rDnO65K
OdqYkSd4m8F9D9+v+vJpCwq5STzdmyZBeXJWUMc3+mVlRrqr0QFiFiPI85SRSxyr
kC0kFt65xTzQ8T4sF+BnGkD8DA+XCFfyzhGtDtOe7L3ktODVwrgC73jAPcXG4hrC
yzQXcMTZo6YDO7Nk/jkhhwuSaRgjAWqVjeBDGQ3b4+x2Dyxnta8STEoEE1l+oimd
JN91XRT8fYRaaHKy5Dp9aD1nD1bXhNSL9SIwhhcpdb4wmLP8zX2FO4+bHcNrDN17
Zths6Qzl1zzI2XkwK0EbZ/4KekypkGe/0EbEdWU86RrYbS2alvRi3cEZlWwEB9GH
2Tpfc0lblgvUAjNoSxGSnNt1U+ArYujepNuWXJH3PO0LaT/wumUTBjPe6x7XwdF2
vBKw6zXF8Gs7cV9xTh+JuHqL+orQxPMAEuNCPpJ4Ju0A/56V3LSgbdbExAG6XRbE
3Nw+KPFKyGy2N+xpsI185fCfN3WwqSggM8vyaZAgbjL1G3ivqYvzUbxQbVPcQzTP
Jii9qmU3CWUi2VUuVXxshJhe4RDm8yntD85BoeYCixAZHhBNIbWgNEusx5hWBBRA
HZxmdjIo7hD1UshTL9iC7EpeU1489ADm1S1GmY3Z6+foT3vz/PM=
=+THS
-----END PGP SIGNATURE-----
News for package nginx
