Описание
Security update for nginx
This update for nginx fixes the following issues:
- CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126)
Список пакетов
SUSE Enterprise Storage 6
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Linux Enterprise Server 15 SP1-BCL
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Linux Enterprise Server 15 SP1-LTSS
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Manager Proxy 4.0
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Manager Retail Branch Server 4.0
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
SUSE Manager Server 4.0
nginx-1.16.1-6.13.1
nginx-source-1.16.1-6.13.1
Ссылки
- Link for SUSE-SU-2021:1839-1
- E-Mail link for SUSE-SU-2021:1839-1
- SUSE Security Ratings
- SUSE Bug 1186126
- SUSE CVE CVE-2021-23017 page
Описание
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
Затронутые продукты
SUSE Enterprise Storage 6:nginx-1.16.1-6.13.1
SUSE Enterprise Storage 6:nginx-source-1.16.1-6.13.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nginx-1.16.1-6.13.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nginx-source-1.16.1-6.13.1
Ссылки
- CVE-2021-23017
- SUSE Bug 1186126