[ALSA-2022:0323] Important: nginx:1.20 security update
Type:
security
Severity:
important
Release date:
2022-01-31
Description:
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a later upstream version: nginx (1.20.1). (BZ#2031030) Security Fix(es): * nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 nginx-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.aarch64.rpm 364bb188f083dcb3a053092f1b8e3a7ba9763dda11829f02c03481d67ea03225
aarch64 nginx-mod-stream-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.aarch64.rpm 375dce9beb3905f8eebf414c33dae78427c434c88d74ce6695798f2fcce8c167
aarch64 nginx-mod-http-xslt-filter-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.aarch64.rpm 77e48c15791baa8b181b1e57db717c49aae38cd09f28402a57a0d974b1da1e42
aarch64 nginx-mod-mail-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.aarch64.rpm a0decfbadece09c2eac1a4c15763b3eced18579e923f2c855dfbf678a8689192
aarch64 nginx-mod-http-perl-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.aarch64.rpm d1f2f335d0cd06455e6aaf1054a5698b8169a0df2aac65ce0ba9358bc2dcf94c
aarch64 nginx-mod-http-image-filter-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.aarch64.rpm dd60417b5885df5e1663a86b9e73a1f2cc6346390426015cd5dc5496719a2833
noarch nginx-filesystem-1.20.1-1.module_el8.5.0+2611+ab304644.alma.noarch.rpm 19ddc2ccdd973aa44692f0a2ea71d6bde1a49a6400b6dbe23c5bf57090c00bb2
noarch nginx-filesystem-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.noarch.rpm a9004507d9946b607ce58468dc9690e503d7ba490f6cbb18ba8d3e7bcf20355d
noarch nginx-all-modules-1.20.1-1.module_el8.5.0+2611+ab304644.alma.noarch.rpm c48f7bb9fcacb3c94e1c60502a5cfaece830250f0f8a017fab02aa51e52b4e48
noarch nginx-all-modules-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.noarch.rpm ea6847c5309b477ff2910ab9d597611f6b62454dc03dc050db773af264d37a19
ppc64le nginx-mod-mail-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.ppc64le.rpm 1bdcd5cc07bba82ecb4d89a58a6b377e225c60ef3fbb53f1117e6a8a84d8eca9
ppc64le nginx-mod-http-image-filter-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.ppc64le.rpm 477ab60fef17079b3c905a9e5156d8732a87e672e250433fda261201680d1817
ppc64le nginx-mod-http-xslt-filter-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.ppc64le.rpm de9e95422da288557eec88b84d7aecccd5bbd30b76f54e7ce94d612225bb1856
ppc64le nginx-mod-http-perl-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.ppc64le.rpm df47e9aa2c1263906483eab0a6073fc1e7e97dddb8bc7773f1c9368fa338fa17
ppc64le nginx-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.ppc64le.rpm e58c84e7f608d3c42da508f7769c610a58ef5008ffd90f03600fa67517b03499
ppc64le nginx-mod-stream-1.20.1-1.module_el8.6.0+2782+a022aca3.alma.ppc64le.rpm f95e90f976e6c420f99ca869c4e42b7b0d1dcdcbdc3c974a4223f9b642fc92c7
x86_64 nginx-1.20.1-1.module_el8.5.0+2611+ab304644.alma.x86_64.rpm 3ef02f4ad844c6e97c0e84611cd234946097c7507d0ca237324cb5e345912822
x86_64 nginx-mod-mail-1.20.1-1.module_el8.5.0+2611+ab304644.alma.x86_64.rpm 44eb78c5bdf28c82afd2fb33686675fe5d42311992cb418675f708e0891c5aa3
x86_64 nginx-mod-stream-1.20.1-1.module_el8.5.0+2611+ab304644.alma.x86_64.rpm 634473a97e8fdc26cc150dbba4f757b7e553de619d9d247b03de6061b118a619
x86_64 nginx-mod-http-xslt-filter-1.20.1-1.module_el8.5.0+2611+ab304644.alma.x86_64.rpm 67ac1bde71430a9f6d4e65783fff41951b411c38da86686c709ec4c3d7f65ab1
x86_64 nginx-mod-http-perl-1.20.1-1.module_el8.5.0+2611+ab304644.alma.x86_64.rpm 98dbf2be5fe4004ff01744e86433a54891b8eced17c1a8faca6e0a282017718a
x86_64 nginx-mod-http-image-filter-1.20.1-1.module_el8.5.0+2611+ab304644.alma.x86_64.rpm b1b4bd922762416d485df77e7f71612f1a72a85bd19e691cd98f5322c82cd7b6
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.