Subject: CVS commit: [pkgsrc-2018Q3] pkgsrc/www/nginx
From: S.P.Zeidler
Date: 2018-12-12 07:54:14
Message id: 20181212065415.1247CFB16@cvs.NetBSD.org
Log Message:
Pullup ticket #5884 - requested by nia
www/nginx: security update

Revisions pulled up:
- www/nginx/Makefile                                            1.80
- www/nginx/distinfo                                            1.65
- www/nginx/options.mk                                          1.48

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Fri Nov 16 00:26:19 UTC 2018

   Modified Files:
   	pkgsrc/www/nginx: Makefile distinfo options.mk

   Log Message:
   www/nginx: Update to nginx-1.14.1

   Changes with nginx 1.14.1                                        06 Nov 2018

       *) Security: when using HTTP/2 a client might cause excessive memory
          consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

       *) Security: processing of a specially crafted mp4 file with the
          ngx_http_mp4_module might result in worker process memory disclosure
          (CVE-2018-16845).

       *) Bugfix: working with gRPC backends might result in excessive memory
          consumption.

   To generate a diff of this commit:
   cvs rdiff -u -r1.79 -r1.80 pkgsrc/www/nginx/Makefile
   cvs rdiff -u -r1.64 -r1.65 pkgsrc/www/nginx/distinfo
   cvs rdiff -u -r1.47 -r1.48 pkgsrc/www/nginx/options.mk
Files:
RevisionActionfile
1.79.2.1modifypkgsrc/www/nginx/Makefile
1.64.2.1modifypkgsrc/www/nginx/distinfo
1.46.2.1modifypkgsrc/www/nginx/options.mk