Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-0323

Опубликовано: 01 фев. 2022
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2022-0323: nginx:1.20 security update (IMPORTANT)

[1.20.1-1.0.1]

  • Remove Red Hat references [Orabug: 29498217]

[1:1.20.1-1]

  • rebase to 1.20.1 (addressing CVE-2021-23017)

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module nginx:1.20 is enabled

nginx

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-all-modules

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-filesystem

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-http-image-filter

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-http-perl

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-http-xslt-filter

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-mail

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-stream

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

Oracle Linux x86_64

Module nginx:1.20 is enabled

nginx

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-all-modules

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-filesystem

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-http-image-filter

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-http-perl

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-http-xslt-filter

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-mail

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

nginx-mod-stream

1.20.1-1.0.1.module+el8.5.0+20483+2c28049e

Связанные CVE

CVE-2021-23017

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-23017

CVSS3: 7.7
ubuntu
около 4 лет назад

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

redhat логотип

CVE-2021-23017

CVSS3: 8.1
redhat
около 4 лет назад

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

nvd логотип

CVE-2021-23017

CVSS3: 7.7
nvd
около 4 лет назад

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

msrc логотип

CVE-2021-23017

CVSS3: 7.7
msrc
около 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-23017

CVSS3: 7.7
debian
около 4 лет назад

A security issue in nginx resolver was identified, which might allow a ...