Описание
Security update for nginx
This update for nginx fixes the following issues:
- CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126)
Список пакетов
SUSE Linux Enterprise High Performance Computing 15-ESPOS
nginx-1.16.1-3.15.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
nginx-1.16.1-3.15.1
SUSE Linux Enterprise Server 15-LTSS
nginx-1.16.1-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15
nginx-1.16.1-3.15.1
Ссылки
- Link for SUSE-SU-2021:1792-1
- E-Mail link for SUSE-SU-2021:1792-1
- SUSE Security Ratings
- SUSE Bug 1186126
- SUSE CVE CVE-2021-23017 page
Описание
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15-ESPOS:nginx-1.16.1-3.15.1
SUSE Linux Enterprise High Performance Computing 15-LTSS:nginx-1.16.1-3.15.1
SUSE Linux Enterprise Server 15-LTSS:nginx-1.16.1-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15:nginx-1.16.1-3.15.1
Ссылки
- CVE-2021-23017
- SUSE Bug 1186126