ALSA-2021:2290

[ALSA-2021:2290] Important: nginx:1.16 security update

Type:

security

Severity:

important

Release date:

2021-06-08

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. 

Security Fix(es):

* nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-mod-http-xslt-filter-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.aarch64.rpm	01230e82fd5bcf2ac0d971addefcf84cd0baaad4d153e462049dbed972bd4d8d
aarch64	nginx-mod-mail-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.aarch64.rpm	1f8601ebf6d2eee384bce109e9d0774c3b2647f06602f697fbbd61d4103b9062
aarch64	nginx-mod-http-image-filter-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.aarch64.rpm	2fa4e363fe27e3533fe46565b02a631f08ce01c941cf4714f33ba7ee78c920eb
aarch64	nginx-mod-stream-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.aarch64.rpm	687fe96f027bfba53fe4365daf9d40f569058b8a0a66a996a9d40a293ba716bc
aarch64	nginx-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.aarch64.rpm	ec4923aba15ec8efe0bf6d31ce323d60f9c201897adafba05a69c8f6d660df52
aarch64	nginx-mod-http-perl-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.aarch64.rpm	fc004fb251b533612dc33bdc23283a01979f05fbd30ba723f04e2c17d5543086
noarch	nginx-all-modules-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.noarch.rpm	79741b9c09ef582010b3e54aaafc127c37313e149c85f30af773e7d029159d4f
noarch	nginx-filesystem-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.noarch.rpm	dbc91d34ad0cc655815446e7fdb7fd2db392879ed2cb83f69ce3fc899e5e30d9
ppc64le	nginx-mod-mail-1.16.1-2.module_el8.5.0+35+6a1225c3.1.alma.ppc64le.rpm	0e847defb2de163f5a198a61760c70f3c3fe716f7fc1cf21bc0b1f41946d695a
ppc64le	nginx-mod-stream-1.16.1-2.module_el8.5.0+35+6a1225c3.1.alma.ppc64le.rpm	208a2b94090fef98b63f1ae5bad8ed89f1d092fa096ea53c2b65ab594440be75
ppc64le	nginx-mod-http-perl-1.16.1-2.module_el8.5.0+35+6a1225c3.1.alma.ppc64le.rpm	20a4de7942a38b1c467bb00f6ea868146e4eed06c3ea4ecc428b44914bb28048
ppc64le	nginx-1.16.1-2.module_el8.5.0+35+6a1225c3.1.alma.ppc64le.rpm	7e7076907fa836c8558d02013d1fb8596ffbe38459bace098ce8a9d6f17ab161
ppc64le	nginx-mod-http-xslt-filter-1.16.1-2.module_el8.5.0+35+6a1225c3.1.alma.ppc64le.rpm	8a354f4a57fc70a7417ca2c96fba8ad5348868224b713549b73c2454993fab90
ppc64le	nginx-mod-http-image-filter-1.16.1-2.module_el8.5.0+35+6a1225c3.1.alma.ppc64le.rpm	c953d9d27c9d497d7bc38d7c206433823343bbf1b3b9d0f25a3d1ba057149ff8
x86_64	nginx-mod-http-xslt-filter-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.x86_64.rpm	5ee215ab76369ada45a13196e2dffe6a679a157d177501173e98db2d0f50fe77
x86_64	nginx-mod-mail-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.x86_64.rpm	6178803ee16ce154ca9bb83a089134667ebda97609e90ede2713a9c030b00c47
x86_64	nginx-mod-http-perl-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.x86_64.rpm	7f50eed79d96531e71b3aeece58f8c173e229ad80baf37d16b9080ea6b9ee6da
x86_64	nginx-mod-stream-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.x86_64.rpm	9d636e4f73349caa4e60c00511dcdb7baad70755442a9ed5a5895e264ad8fcbf
x86_64	nginx-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.x86_64.rpm	cf2f372472a884b68a6b5b1be112171e9de6243ccf05b5e1b466e65ed8603e77
x86_64	nginx-mod-http-image-filter-1.16.1-2.module_el8.4.0+2470+68135136.1.alma.x86_64.rpm	db9db5f0d1426659b5ac551d94b146266fbfa2bae9ae98600efd8a7b3cfe1605

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.