Debian Package Tracker

From: Christos Trochalakis <ctrochalakis@debian.org>
To: <>
Subject: Accepted nginx 1.14.2-2+deb10u1 (source) into stable->embargoed, stable
Date: Thu, 22 Aug 2019 19:37:47 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 20 Aug 2019 11:22:25 EEST
Source: nginx
Architecture: source
Version: 1.14.2-2+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>
Changed-By: Christos Trochalakis <ctrochalakis@debian.org>
Closes: 935037
Changes:
 nginx (1.14.2-2+deb10u1) buster-security; urgency=high
 .
   * Backport upstream fixes for 3 CVEs (Closes: #935037)
     Those fixes affect Nginx HTTP/2 implementation, which might cause
     excessive memory consumption and CPU usage.
     (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516).
Checksums-Sha256: 
 8935b5c2112c455de7ce7ba72775c0a7bd78d81f414cef937ff9f1387f724add 4181 nginx_1.14.2-2+deb10u1.dsc
 4ef00aec16c1e8a06b601ed289186c0c2f62a64bc26ac2d90ece206e1bf5414c 930528 nginx_1.14.2-2+deb10u1.debian.tar.xz
 002d9f6154e331886a2dd4e6065863c9c1cf8291ae97a1255308572c02be9797 1015384 nginx_1.14.2.orig.tar.gz
Checksums-Sha1: 
 323d63f03ee782b1df9ed7224ad3be55bd3a9eda 4181 nginx_1.14.2-2+deb10u1.dsc
 06747ed005f581034b6474de27904ace0bb9d52d 930528 nginx_1.14.2-2+deb10u1.debian.tar.xz
 4b4df8786b44e79cffd2e002a070e27fd774a17f 1015384 nginx_1.14.2.orig.tar.gz
Files: 
 781029f4e8afd93c1adb17e37ceecc4f 4181 httpd optional nginx_1.14.2-2+deb10u1.dsc
 46b6ddee759e727c57bcf688abc2f8d1 930528 httpd optional nginx_1.14.2-2+deb10u1.debian.tar.xz
 239b829a13cea1d244c1044e830bd9c2 1015384 httpd optional nginx_1.14.2.orig.tar.gz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEf2SPbCEjyY+zKcgrETYmAKdH7NkFAl1bsDMACgkQETYmAKdH
7NnmFQ/+NVeW+WzKJM8yCdRLSVNaiyCKP1v8Fbpf97TGkyspN58Rfkg2Qf/EV5Fp
PlYmrOkTAa5HuBqwkuJYDzcoOEcXJU/i8Hss1kvuaj/y1RmxYUo+TymG8720ftWu
qQTUgyeBjxtlrY0gtN2dJICfrbVQhWbY/CxnOiPdPoBMIPZS1kwdUZCxnBJxPElq
Iry7cTxW/4Alt1W2l93H/1UBmLIAUSPFIwJ80QaGIxwkx/s4E/ryfes7k93en42K
MuPJfGTALmrkuWMdA1jUI3VQ9RqyCr7PXbAhOsZe4HPM6qdZJ5FCeK6JmCPXhxlo
HoKF63OvZgz9c5GfYJhzthe/bl4h9t3L0uUST9eCLkDSLsbVAECsj9/6JilBhsda
lflBKr/F6oREGgdLPnc8tGq6a3tAcQYmdF6+EivP96w7FwVkLNlGT00jKh/aRTB0
iiYZMwOcUssyyf/jDKYbM9vynPchbrFkx/DQG9DZaVKDpiPXHuYDPI2yD2jzrgLd
ueeF4RCzK1dJOr9ga80w6+m13Cco5px5uDqsZPlUgCmLUwWRnPiuDbXE8ggrCt06
9Wm2ii8IBSD+T9BW5ZgRhgUukviS6hj5tx5a6XCc+qyPWsATEQjb0JACKVD6SvwJ
e6GLSIE8c3rtDumqRTHWKRmJw5Q1DHx8MZZX6XcEAo6lHdlGhts=
=YNLV
-----END PGP SIGNATURE-----
News for package nginx
