Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 5281-1] nginx security update

From Moritz Muehlenhoff@21:1/5 to All on Tue Nov 15 21:30:02 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-5281-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : nginx
CVE ID : CVE-2022-41741 CVE-2022-41742

It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial
of service, memory disclosure or potentially the execution of arbitrary
code when processing a malformed mp4 file.

This module is only enabled in the nginx-extras binary package.

For the stable distribution (bullseye), these problems have been fixed in version 1.18.0-6.1+deb11u3.

We recommend that you upgrade your nginx packages.

For the detailed security status of nginx please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nginx

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNz9JcACgkQEMKTtsN8 Tjb4tg/7BRkAkF48UvvRjLolxVVuV1paSTRG8ArEeW3fHyA0fxs2UMuRL4ic1vqc i3wxAAfHvYoOnk+QBY20Ly2MN7S7OukNovKE9AZCPulyYkVjtIWNSBeY0PzCU60y RP/KCZAGoGEYi6s4SUrK194ved+7jIcybgLvvGA8FRKW3wTRvzRGMfR6NTLuP7B3 th0C5+KkapE8G5XlHWOIjv1h3Ok40cua7LtYx9RTITJ+wClvkJ6gPcCXXj/CnWWa PUvuEBwyr0PEBXfL9v1P8Eq1MmN+mWU9KeLYxIC+vcJxtpsYL67tMHIGTlDUgDVE FrXrDXi7XP/6hjl7t/J/cTPEwy/twX0emUQcUDlRNlOxh3skSmdPJP7DMu+t9UtQ suepgZ+oHfHh3gs9EWz2zRqbsVO03NjhKo9ebIjhe3H0P39cX3NN5qlSJeNTY45k VBDecnPQnhYqYuzqwXy5ZoUQDcU0Bo7zaUzeYhUsfXqrROV/tj+UTMrM2anHdQ4B kAOrCBpmGP1lLvDs2PzBcWmBtII/5VTKZep05xH0L+dZWDV07j1ekCzv3/kuKiMl GTJQ7yl3fgKjLdkjMFKQIfsm3xdYwzxjOmtEY86tUV0LjtdR2GlJtF4YdIQhA4b1 /R82ZisLfmZ4ElL+ua8iypLOe9reyO4EpVVDkeewFS64Ye1Wn3k=
=3mDY
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Gretchiie
  Mon Dec 30 17:08:49 2024
  from Derry, Nh via Telnet
- Bob Worm
  Mon Dec 30 14:27:01 2024
  from Wales, Uk via Telnet
- Guest
  Mon Dec 30 07:42:32 2024
  from /bin/busybox Cat /proc/self/ex via Raw
- Mxofxn
  Mon Dec 30 02:37:35 2024
  from Little Rock via Telnet
- Keyop
  Mon Dec 30 01:56:05 2024
  from Huddersfield, West Yorkshire via SSH
- Gwylbert
  Mon Dec 30 00:37:24 2024
  from Sydney, Nsw via Telnet
- Bob Worm
  Sun Dec 29 22:17:42 2024
  from Wales, Uk via Telnet
- Keyop
  Sun Dec 29 16:09:13 2024
  from Huddersfield, West Yorkshire via SSH

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	384
Nodes:	16 (2 / 14)
Uptime:	63:35:33
Calls:	8,174
Calls today:	6
Files:	13,113
Messages:	5,864,702

[SECURITY] [DSA 5281-1] nginx security update

Who's Online

Recent Visitors

System Info