[nginx-announce] nginx security advisory (CVE-2018-16843, CVE-2018-16844)