On 2022/10/19 16:30, Sergey A. Osokin wrote: > Hi, > > could you please review the following changes for the security > update www/nginx to the recent stable version, 1.22.1.
adding maintainer to CC, it's usually helpful .. > Here's the commit message. > --------------------------------------------------------------- > www/nginx: security update 1.22.0 -> 1.22.1 > > <ChangeLog> > > *) Security: processing of a specially crafted mp4 file by the > ngx_http_mp4_module might cause a worker process crash, worker > process memory disclosure, or might have potential other impact > (CVE-2022-41741, CVE-2022-41742). I'm ok with the update however it is a noop for us as we don't build that module in the port.