MFH: r484307
Update to 1.14.1
Changelog:
- Security: when using HTTP/2 a client might cause excessive memory consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
- Security: processing of a specially crafted mp4 file with the ngx_http_mp4_module might result in worker process memory disclosure (CVE-2018-16845).
- Bugfix: working with gRPC backends might result in excessive memory consumption.
Security: 84ca56be-e1de-11e8-bcfd-00e04c1ea73d
Sponsored by: Netzkommune HmbH
Approved by: ports-secteam (miwi)