Debian DLA-2680-1 : nginx security update

Jamie Landeg-Jones and Manfred Paul discovered a buffer overflow vulnerability in NGINX, a small, powerful, scalable web/proxy server. NGINX has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a fal...

Oracle Linux 8 : nginx:1.18 (ELSA-2021-2259)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2259 advisory. 1.18.0-3.1.0.1 - Remove Red Hat references Orabug: 29498217 1:1.18.0-3.1 - Resolves: 1963178 - CVE-2021-23017 nginx:1.18/nginx: Off-by-one in ngxresolvercopy wh...

RHEL 8 : nginx:1.16 (RHSA-2021:2290)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2290 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

nginx < 1.13.6 Buffer Overflow Vulnerability

nginx is prone to a buffer overflow vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] [DLA 2680-1] nginx security update

Debian LTS Advisory DLA-2680-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 07, 2021 https://wiki.debian.org/LTS Package : nginx Version : 1.10.3-1+deb9u7 CVE ID : CVE-2017-20005 Jamie Landeg-Jones and Manfred Paul discovered a buffer overflow vulnerabilit...

Important: Red Hat Security Advisory: rh-nginx116-nginx security update

An update for rh-nginx116-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in...

Update of nginx-mod-http-image-filter, nginx-mod-http-geoip, nginx-mod-http-perl, nginx, nginx-filesystem, nginx-mod-stream, nginx-mod-http-xslt-filter, nginx-mod-mail, nginx-all-modules

...

Important: Red Hat Security Advisory: nginx:1.18 security update

An update for the nginx:1.18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in...

Important: nginx:1.18 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 For more details about the...

ALSA-2021:2259 Important: nginx:1.18 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 For more details about the...

RLSA-2021:2259 Important: nginx:1.18 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 For more details about the...

nginx:1.18 security update

An update is available for nginx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other protocols, with a foc...

Important: Red Hat Security Advisory: rh-nginx118-nginx security update

An update for rh-nginx118-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in...

DLA-2680-1 nginx - security update

Bulletin has no description...

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

DEBIAN-CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...