ELSA-2019-2799

ULN >
Oracle Linux Errata repository >
ELSA-2019-2799

ELSA-2019-2799 - nginx:1.14 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2019-09-19

Description

[1:1.14.1-9.0.1]
- Remove Red Hat references [Orabug: 29498217]

[1:1.14.1-9]
- Resolves: #1744811 - CVE-2019-9511 nginx:1.14/nginx: HTTP/2: large amount of
data request leads to denial of service
- Resolves: #1744325 - CVE-2019-9513 nginx:1.14/nginx: HTTP/2: flood using
PRIORITY frames resulting in excessive resource consumption
- Resolves: #1745094 - CVE-2019-9516 nginx:1.14/nginx: HTTP/2: 0-length
headers leads to denial of service

Related CVEs

CVE-2019-9513

CVE-2019-9511

CVE-2019-9516

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.src.rpm	bf37c828d3afcc4e583c8b40d598de9bffc2eda9ec8e54960152e2b4e0816c46	-	ol8_aarch64_appstream
	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.src.rpm	bf37c828d3afcc4e583c8b40d598de9bffc2eda9ec8e54960152e2b4e0816c46	-	ol8_aarch64_appstream_developer
	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	afe0af3070ca6a96b7237ab01cc446a7995ab2ef467257be14dd9ca414f92a44	-	ol8_aarch64_appstream
	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	afe0af3070ca6a96b7237ab01cc446a7995ab2ef467257be14dd9ca414f92a44	-	ol8_aarch64_appstream_developer
	nginx-all-modules-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b946c29c1a653fb9354a1398c9d269915a587a47e4e590bd70dbb2cd6370f47c	-	ol8_aarch64_appstream
	nginx-all-modules-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b946c29c1a653fb9354a1398c9d269915a587a47e4e590bd70dbb2cd6370f47c	-	ol8_aarch64_appstream_developer
	nginx-filesystem-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b4b5a91a7fe010b61e711c81251b8d47c05c996781c55ec216d8a0f76f39c41b	-	ol8_aarch64_appstream
	nginx-filesystem-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b4b5a91a7fe010b61e711c81251b8d47c05c996781c55ec216d8a0f76f39c41b	-	ol8_aarch64_appstream_developer
	nginx-mod-http-image-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	4b400d4e4b26f18433cd48a54a8959cbefe3ef026a47f34e9eddaa3fbc221f7f	-	ol8_aarch64_appstream
	nginx-mod-http-image-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	4b400d4e4b26f18433cd48a54a8959cbefe3ef026a47f34e9eddaa3fbc221f7f	-	ol8_aarch64_appstream_developer
	nginx-mod-http-perl-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	de351618090373547a9eb023e548cd3e54ae7406e4d0123530b61f82b66a7a3b	-	ol8_aarch64_appstream
	nginx-mod-http-perl-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	de351618090373547a9eb023e548cd3e54ae7406e4d0123530b61f82b66a7a3b	-	ol8_aarch64_appstream_developer
	nginx-mod-http-xslt-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	470583b6290ce039f0fe341df58fb6fcc2895b570da6ad78d261dd2a5853287a	-	ol8_aarch64_appstream
	nginx-mod-http-xslt-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	470583b6290ce039f0fe341df58fb6fcc2895b570da6ad78d261dd2a5853287a	-	ol8_aarch64_appstream_developer
	nginx-mod-mail-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	7793962e0fd7692857b655a494b1008528f3b9113dc3b3ce5b2b430fe71df60b	-	ol8_aarch64_appstream
	nginx-mod-mail-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	7793962e0fd7692857b655a494b1008528f3b9113dc3b3ce5b2b430fe71df60b	-	ol8_aarch64_appstream_developer
	nginx-mod-stream-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	0842975aa6ac8c144cebf7484ef79b68b817857c8011ab00b1d5b682fc5b1908	-	ol8_aarch64_appstream
	nginx-mod-stream-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.aarch64.rpm	0842975aa6ac8c144cebf7484ef79b68b817857c8011ab00b1d5b682fc5b1908	-	ol8_aarch64_appstream_developer

Oracle Linux 8 (x86_64)	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.src.rpm	bf37c828d3afcc4e583c8b40d598de9bffc2eda9ec8e54960152e2b4e0816c46	-	ol8_x86_64_appstream
	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.src.rpm	bf37c828d3afcc4e583c8b40d598de9bffc2eda9ec8e54960152e2b4e0816c46	-	ol8_x86_64_appstream_developer
	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	ab156589f9f24de17f14224c12f20280fedb6edf88bb7decf4db7c2ac5506325	-	ol8_x86_64_appstream
	nginx-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	ab156589f9f24de17f14224c12f20280fedb6edf88bb7decf4db7c2ac5506325	-	ol8_x86_64_appstream_developer
	nginx-all-modules-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b946c29c1a653fb9354a1398c9d269915a587a47e4e590bd70dbb2cd6370f47c	-	ol8_x86_64_appstream
	nginx-all-modules-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b946c29c1a653fb9354a1398c9d269915a587a47e4e590bd70dbb2cd6370f47c	-	ol8_x86_64_appstream_developer
	nginx-filesystem-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b4b5a91a7fe010b61e711c81251b8d47c05c996781c55ec216d8a0f76f39c41b	-	ol8_x86_64_appstream
	nginx-filesystem-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.noarch.rpm	b4b5a91a7fe010b61e711c81251b8d47c05c996781c55ec216d8a0f76f39c41b	-	ol8_x86_64_appstream_developer
	nginx-mod-http-image-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	6d516a20252f338f000c3b4f6e072830c86af1274a317f7268ed4263c87706a5	-	ol8_x86_64_appstream
	nginx-mod-http-image-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	6d516a20252f338f000c3b4f6e072830c86af1274a317f7268ed4263c87706a5	-	ol8_x86_64_appstream_developer
	nginx-mod-http-perl-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	b83b3dac69419d03d5f652f97f5039ba192b8c001e57e6885395141c96216aa6	-	ol8_x86_64_appstream
	nginx-mod-http-perl-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	b83b3dac69419d03d5f652f97f5039ba192b8c001e57e6885395141c96216aa6	-	ol8_x86_64_appstream_developer
	nginx-mod-http-xslt-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	bd0bb71449cdf8d19408eb84a1d47c69da38bfc039674d03b67d093dd855417f	-	ol8_x86_64_appstream
	nginx-mod-http-xslt-filter-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	bd0bb71449cdf8d19408eb84a1d47c69da38bfc039674d03b67d093dd855417f	-	ol8_x86_64_appstream_developer
	nginx-mod-mail-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	3deab65e3375d74db11d3022e23dabf13688336410d914a0276ab0cebbe87d94	-	ol8_x86_64_appstream
	nginx-mod-mail-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	3deab65e3375d74db11d3022e23dabf13688336410d914a0276ab0cebbe87d94	-	ol8_x86_64_appstream_developer
	nginx-mod-stream-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	c4de518d129c895ee3ffcb942531a37b537678440b1b4f10d3c2ffc7d73e4a00	-	ol8_x86_64_appstream
	nginx-mod-stream-1.14.1-9.0.1.module+el8.0.0+5347+9282027e.x86_64.rpm	c4de518d129c895ee3ffcb942531a37b537678440b1b4f10d3c2ffc7d73e4a00	-	ol8_x86_64_appstream_developer

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691