rh-nginx120-nginx-1.20.1-1.0.2.el7.AXS7

エラータID: AXSA:2023-6580:01

Release date: 
Friday, November 17, 2023 - 08:52
Subject: 
rh-nginx120-nginx-1.20.1-1.0.2.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage.

Security Fix(es):

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack
(Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption)
because request cancellation can reset many streams quickly, as exploited in the
wild in August through October 2023.

Solution: 

Update packages.

CVEs: 
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Additional Info: 

N/A

Download: 

SRPMS
  1. rh-nginx120-nginx-1.20.1-1.0.2.el7.AXS7.src.rpm
    MD5: e1239d8c414ef3172da42bfd997f394e
    SHA-256: 2b00c5af95c2e8a2f1c4bb4955761c5f023224a53e7dc70be553b738d964849a
    Size: 1.06 MB

Asianux Server 7 for x86_64
  1. rh-nginx120-nginx-1.20.1-1.0.2.el7.AXS7.x86_64.rpm
    MD5: f98cf6e49a19211ff6546cca74f5de3b
    SHA-256: 39d53c7284ede14003ef5b09441addc3105dc1a277acf164e46676b56fa1e0ff
    Size: 566.31 kB
  2. rh-nginx120-nginx-mod-http-image-filter-1.20.1-1.0.2.el7.AXS7.x86_64.rpm
    MD5: 62446e5b6f188ae1850b567f1d8caa25
    SHA-256: 9a80363308c4d5b09de69345ec7e1e12cb5ebed9d0a6d44ad0c0418cf0f701b7
    Size: 25.56 kB
  3. rh-nginx120-nginx-mod-http-perl-1.20.1-1.0.2.el7.AXS7.x86_64.rpm
    MD5: c4ddda32ebb1a0c031459002b3226793
    SHA-256: bfc33d8e75f017828a458d3b7c7294d92b8739d06838852baf7bbe85195dc4f4
    Size: 38.76 kB
  4. rh-nginx120-nginx-mod-http-xslt-filter-1.20.1-1.0.2.el7.AXS7.x86_64.rpm
    MD5: 4b87a88f7a1487ff2342cc869a19ab17
    SHA-256: b4ca63a93768ffc71169b9936b950676ca8d7659b06d61929141c96b9a6a3b8a
    Size: 24.73 kB
  5. rh-nginx120-nginx-mod-mail-1.20.1-1.0.2.el7.AXS7.x86_64.rpm
    MD5: a8ce9e6d3ec83993880b8438e87e25dd
    SHA-256: 4d21a6adade551422a6f2af08eb9e6fb2dde6e7ac9bc53bba2650e802d9cd1c5
    Size: 55.56 kB
  6. rh-nginx120-nginx-mod-stream-1.20.1-1.0.2.el7.AXS7.x86_64.rpm
    MD5: f91a98384e66f51cb98c1f6e4e27972f
    SHA-256: 51409e054601d8514073ee45e862d4c702fc15448ad42e6a9904e41892ae211e
    Size: 81.74 kB