package/nginx: add upstream security fix for CVE-2022-4174{1, 2} (8fa2ff28) · Commits · Infra Solutions / Reference Design / platsw / buildroot

Commit 8fa2ff28 authored Nov 19, 2022 by Peter Korsgaard Committed by Yann E. MORIN Nov 20, 2022

package/nginx: add upstream security fix for CVE-2022-4174{1, 2}

Fixes the following security issues:

- CVE-2022-41741: Memory corruption in the ngx_http_mp4_module
- CVE-2022-41742: Memory disclosure in the ngx_http_mp4_module

https://mailman.nginx.org/archives/list/nginx-announce@nginx.org/message/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA/



Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

parent e8b5feee

Hide whitespace changes

Inline Side-by-side

Please register or to comment