Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2021-2259

Опубликовано: 08 июн. 2021
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2021-2259: nginx:1.18 security update (IMPORTANT)

[1.18.0-3.1.0.1]

  • Remove Red Hat references [Orabug: 29498217]

[1:1.18.0-3.1]

  • Resolves: #1963178 - CVE-2021-23017 nginx:1.18/nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module nginx:1.18 is enabled

nginx

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-all-modules

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-filesystem

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-http-image-filter

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-http-perl

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-http-xslt-filter

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-mail

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-stream

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

Oracle Linux x86_64

Module nginx:1.18 is enabled

nginx

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-all-modules

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-filesystem

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-http-image-filter

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-http-perl

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-http-xslt-filter

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-mail

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

nginx-mod-stream

1.18.0-3.0.1.module+el8.4.0+20183+8c128c59.1

Связанные CVE

CVE-2021-23017

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-23017

CVSS3: 7.7
ubuntu
около 4 лет назад

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

redhat логотип

CVE-2021-23017

CVSS3: 8.1
redhat
около 4 лет назад

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

nvd логотип

CVE-2021-23017

CVSS3: 7.7
nvd
около 4 лет назад

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

msrc логотип

CVE-2021-23017

CVSS3: 7.7
msrc
около 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-23017

CVSS3: 7.7
debian
около 4 лет назад

A security issue in nginx resolver was identified, which might allow a ...