SUSE-SU-2021:1815-1

Опубликовано: 31 мая 2021

Источник: suse-cvrf

Описание

Security update for nginx

This update for nginx fixes the following issues:

CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126)

Список пакетов

Container suse/rmt-nginx:latest

nginx-1.19.8-3.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP3

nginx-1.19.8-3.3.1

nginx-source-1.19.8-3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20211815-1/
Link for SUSE-SU-2021:1815-1
https://lists.suse.com/pipermail/sle-security-updates/2021-May/008889.html
E-Mail link for SUSE-SU-2021:1815-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186126
SUSE Bug 1186126
https://www.suse.com/security/cve/CVE-2021-23017/
SUSE CVE CVE-2021-23017 page

Описание

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

Затронутые продукты

Container suse/rmt-nginx:latest:nginx-1.19.8-3.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP3:nginx-1.19.8-3.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP3:nginx-source-1.19.8-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-23017.html
CVE-2021-23017
https://bugzilla.suse.com/1186126
SUSE Bug 1186126

SUSE-SU-2021:1815-1

Описание

Список пакетов

Container suse/rmt-nginx:latest

SUSE Linux Enterprise Module for Server Applications 15 SP3

Ссылки

Уязвимость: CVE-2021-23017

Описание

Затронутые продукты

Ссылки