nginx:1.20 security update
エラータID: AXSA:2022-3028:01
リリース日:
2022/02/01 Tuesday - 06:07
題名:
nginx:1.20 security update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- nginx のリゾルバーには DNS サーバーからの UDP パケットを偽造することができる
攻撃者により、1 バイトのメモリー情報を上書きされることによって、ワーカープロセスの
クラッシュやその他の潜在的な影響を受ける脆弱性があります。(CVE-2021-23017)
Modularity name: nginx
Stream name: 1.20
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
追加情報:
N/A
ダウンロード:
SRPMS
- nginx-1.20.1-1.module+el8+1389+551269c7.ML.1.src.rpm
MD5: d56ed59b2be461d16a213d53af27d0ec
SHA-256: 9b0c3814811565e24835252b4c36a94b453faf853a68898813393ae2ab323af4
Size: 1.06 MB
Asianux Server 8 for x86_64
- nginx-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: 12638a3127d9cddb5d822205ce1744b5
SHA-256: 9e8887c3fcba8e0420d8e8db9444860f8e0afa66228b353d657194f9b63f6e2c
Size: 591.53 kB - nginx-all-modules-1.20.1-1.module+el8+1389+551269c7.ML.1.noarch.rpm
MD5: ad9fef694b4f63bac561eee385bf6773
SHA-256: e26b5210b82f19bbabe90bca55e8c54b140223aeaac994a245c22315864faf62
Size: 23.50 kB - nginx-debugsource-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: c18c714c870c326a89a9ae6142f05718
SHA-256: a7e10e79bc1355a9f145be31c597f32940aa35612a2443ade04cb562f79460f5
Size: 681.99 kB - nginx-filesystem-1.20.1-1.module+el8+1389+551269c7.ML.1.noarch.rpm
MD5: 66c0c4fcba3be28cc559b9b135e7f5b8
SHA-256: b51fa7769d7c7f94412226f2198f0b15a37095c2327c3df425fa6f13e3c87c3d
Size: 24.48 kB - nginx-mod-http-image-filter-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: de92a83a9520a28f8fa88413e163ebb0
SHA-256: 7c741420c80134f0e323a16e78a8c47534e59c0a7f357e8095c11f7c59e57726
Size: 34.88 kB - nginx-mod-http-perl-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: fcc86844e5cc0a93abab51b8547f3041
SHA-256: b5bed2c05b12d5cb814b026cc84db9118f16fa105ffd5beb8b1f41b5567c2933
Size: 46.70 kB - nginx-mod-http-xslt-filter-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: cab4bc2bd27814b36d228d5af0cfe549
SHA-256: 2f9b356c94b5419484ecb9946d39656fd8045112bd5c22cd85dd31c0443dc88a
Size: 33.50 kB - nginx-mod-mail-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: a2cde30598a81d02ad76d07b6814c3a5
SHA-256: 6dcdf3748e2f319e39b8b5ab9309427d7a13fd63d88142e1b56bafdac3fe25f9
Size: 66.36 kB - nginx-mod-stream-1.20.1-1.module+el8+1389+551269c7.ML.1.x86_64.rpm
MD5: 5d03ecd16229302a36ccf40f287bf2fa
SHA-256: 1c880eaee2a451a6ed7bbf6a2de8990961c5d72fd021e29805c277690e92af3c
Size: 91.62 kB