[Pkg-nginx-maintainers] nginx 1.22.1-1
Jan Mojzis
jan.mojzis at gmail.com
Wed Oct 26 18:05:09 BST 2022
Hello,
19.10. has been released new nginx 1.22.1 with a fix for the memory corruption and memory
disclosure vulnerabilities in the ngx_http_mp4_module (CVE-2022-41741, CVE-2022-41742).
I am preparing to upload the debian version 1.22.1-1.
Upload is a bit more complicated than before after separating libnginx-mod-http-lua
because the packages (nginx and libnginx-mod-http-lua) depend on each other.
First I will upload both packages to the experimental (tomorrow 27.10. GM 18:00)
And if everything is ok, then I will upload both packages to unstable (I assume 1.11. at the earliest).
Comments are welcome.
Jan
More information about the Pkg-nginx-maintainers
mailing list