On 2022/10/19 16:30, Sergey A. Osokin wrote:
> Hi,
>
> could you please review the following changes for the security
> update www/nginx to the recent stable version, 1.22.1.
adding maintainer to CC, it's usually helpful ..
> Here's the commit message.
> ---------------------------------------------------------------
> www/nginx: security update 1.22.0 -> 1.22.1
>
> <ChangeLog>
>
> *) Security: processing of a specially crafted mp4 file by the
> ngx_http_mp4_module might cause a worker process crash, worker
> process memory disclosure, or might have potential other impact
> (CVE-2022-41741, CVE-2022-41742).
I'm ok with the update however it is a noop for us as we don't build
that module in the port.
No comments:
Post a Comment