openSUSE-SU-2021:1815-1

Опубликовано: 10 июл. 2021

Источник: suse-cvrf

Описание

Security update for nginx

This update for nginx fixes the following issues:

CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126)

Список пакетов

openSUSE Leap 15.3

nginx-1.19.8-3.3.1

nginx-source-1.19.8-3.3.1

vim-plugin-nginx-1.19.8-3.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HKTQ3CIPQ5OLG2MFTQXWBRDD66NWPZBF/
E-Mail link for openSUSE-SU-2021:1815-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186126
SUSE Bug 1186126
https://www.suse.com/security/cve/CVE-2021-23017/
SUSE CVE CVE-2021-23017 page

Описание

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

Затронутые продукты

openSUSE Leap 15.3:nginx-1.19.8-3.3.1

openSUSE Leap 15.3:nginx-source-1.19.8-3.3.1

openSUSE Leap 15.3:vim-plugin-nginx-1.19.8-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-23017.html
CVE-2021-23017
https://bugzilla.suse.com/1186126
SUSE Bug 1186126

openSUSE-SU-2021:1815-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-23017

Описание

Затронутые продукты

Ссылки