openSUSE-SU-2018:0823-1

Опубликовано: 27 мар. 2018

Источник: suse-cvrf

Описание

Security update for nginx

This update for nginx to version 1.13.9 fixes the following issues:

CVE-2017-7529: nginx: Integer overflow in nginx range filter module allowed memory disclosure (bsc#1048265)

This update also contains all updates and improvements in 1.13.9 upstream release.

Список пакетов

openSUSE Leap 42.3

nginx-1.13.9-2.3.1

vim-plugin-nginx-1.13.9-2.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00102.html
E-Mail link for openSUSE-SU-2018:0823-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.

Затронутые продукты

openSUSE Leap 42.3:nginx-1.13.9-2.3.1

openSUSE Leap 42.3:vim-plugin-nginx-1.13.9-2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7529.html
CVE-2017-7529
https://bugzilla.suse.com/1048265
SUSE Bug 1048265

openSUSE-SU-2018:0823-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-7529

Описание

Затронутые продукты

Ссылки