nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
The following packages have been upgraded to a later upstream version: rh-nginx114-nginx (1.14.1). (BZ#1648365)
Security Fix(es):
nginx: Denial of service and memory disclosure via mp4 module (CVE-2018-16845)
nginx: Excessive memory consumption via flaw in HTTP/2 implementation (CVE-2018-16843)
nginx: Excessive CPU usage via flaw in HTTP/2 implementation (CVE-2018-16844)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank the Nginx project for reporting these issues.