-
Mon May 19 2025 Kevin Lyons <kevin.x.lyons@oracle.com> - 1.20.1-22.0.1.2
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]
- Update upstream references [Orabug: 36579090]
-
Wed May 14 2025 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-22.2
- Resolves: RHEL-85556 - nginx: Memory disclosure in the
ngx_http_mp4_module (CVE-2022-41742)
- Resolves: RHEL-91446 - nginx: Memory corruption in the
ngx_http_mp4_module (CVE-2022-41741)
-
Wed May 14 2025 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-22.1
- Resolves: RHEL-84477 - nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)
-
Thu Feb 13 2025 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-22
- Resolves: RHEL-78236 - nginx: TLS Session Resumption
Vulnerability (CVE-2025-23419)
-
Wed Feb 05 2025 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-21
- Resolves: RHEL-77486 - [RFE] nginx use systemd-sysusers
-
Mon Jul 15 2024 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-20
- Resolves: RHEL-40075 - nginx worker processes memory leak
-
Mon Jun 10 2024 Luboš Uhliarik <luhliari@redhat.com> - 1:1.20.1-19
- Resolves: RHEL-40371- openssl 3.2 ENGINE regression
-
Thu May 30 2024 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-17
- bump package epoch to resolve RHEL-33939
- Resolves: RHEL-33939 - Update path for nginx broken for existing CS
installations
-
Mon Oct 16 2023 Luboš Uhliarik <luhliari@redhat.com> - 1:1.20.1-16
- Resolves: RHEL-12518 - nginx: HTTP/2: Multiple HTTP/2 enabled web servers are
vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)