ALSA-2023:5712

[ALSA-2023:5712] Moderate: nginx:1.20 security update

Type:

security

Severity:

moderate

Release date:

2023-10-23

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. 

Security Fix(es):

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-mod-http-perl-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	0d6d8f08174484fcc0894a8b4c83dcb3bce43b6dd28801cc67cf1e6647d01141
aarch64	nginx-mod-devel-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	156f00a31af7706c436bd90be762871141610f481561c71dbf13a6fcfd5da318
aarch64	nginx-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	317e9cd0ff190de5b22fe0438d2a95a1fb53a84afd6abc00f96b1d125e962c0d
aarch64	nginx-mod-http-xslt-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	5b8876aba5fc015494413f83b8e62e1704054ea2232aff90ce5fcfc215617baa
aarch64	nginx-mod-mail-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	9cc243d38872f7527f8f30880891d41a8a3f51b835071da3648fbf18316e030a
aarch64	nginx-mod-http-image-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	aabcf44fb0a5facda60f9e063217b7d7d33832e395b103d986f63e0e044d675d
aarch64	nginx-mod-stream-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.aarch64.rpm	f3409b1e1df646fae1bef72068139c7da396007644fdc24ebb139f2ad427e15a
noarch	nginx-all-modules-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.noarch.rpm	bf647384a030eb26027faac4f68354de2da684dd53716bc0421bf8012e66d29c
noarch	nginx-filesystem-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.noarch.rpm	e8e06deae2e40887bee906cbf67828b01d490a4f2bef70443e2a8c31b4b55b2f
ppc64le	nginx-mod-http-image-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	23636e791280d5be55d94abd79f06377f8b5058441a66b06175d69d0a7842437
ppc64le	nginx-mod-devel-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	2c2a994f5bd44db9282941c54923972ac808927d1ac301b0aea94bb7ac184de3
ppc64le	nginx-mod-http-xslt-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	3dcd31a39e7a5d3e850746298132bbcae6460819fb433426ea5fd1351a262ae8
ppc64le	nginx-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	567aaedfc862cdb0eedcec0e94d1adc7f1cd5002fe8faf6e44b8b00942c377a5
ppc64le	nginx-mod-http-perl-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	5e72bcf4414843428478f346b7caef8f7c371020cfb77f8b3ccdd0f6659aab41
ppc64le	nginx-mod-mail-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	ce58c09f3dde5d98ba9247f0b3caecb3ce028d49f4dcad09ddc6fb84ae72298a
ppc64le	nginx-mod-stream-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.ppc64le.rpm	f961b51601449817d16219d29d71c1562caec5b8ae946be546df6d73801fdadb
s390x	nginx-mod-stream-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	156cfbe3d31e37fdd073f07c1730537a886a0abfc898590c0bdc2e8668575fda
s390x	nginx-mod-mail-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	2914ebd3e00bc0e365ec7645e9b0f5db919142af59cb268765253c154a775cc5
s390x	nginx-mod-devel-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	2d0fdc8bd975e35fab9033c5af729e386e78da7eac156d5d7b225e62193630d8
s390x	nginx-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	3d16e704567975a89e60156f5cfacc86722adcf404bc59b6128f1a3705aee3d5
s390x	nginx-mod-http-perl-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	a70d2b85df137b2e88f12fe40024bb02475e187af73d6138faffc63d6fd9ae82
s390x	nginx-mod-http-xslt-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	c213e059bf51b60ecfb0141d721adf3608f47789d8521c4ebffc3fcebe3b1888
s390x	nginx-mod-http-image-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.s390x.rpm	e0a25ba4524e0db4037ac1aa3113390a164a81f9ed49dd97e9b2cd9e5f7ae96e
x86_64	nginx-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	04af7ac5d7d23762ed1bea02dcfe40d9b6b081f94de9ddba3b1d04e6df5cac40
x86_64	nginx-mod-mail-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	24f6a1da6ddacf86d5aa490231f8653167aaeff9adb45d71175e612241df71d1
x86_64	nginx-mod-http-perl-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	50ef1b42b26e3fd01365ccd2ebe3be77024731a54df1ec00388f3b96a83e3ad3
x86_64	nginx-mod-devel-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	97b353a7f7daa49cd5ace1d7d2fe84516690a07ea663774169cde56590f23e3c
x86_64	nginx-mod-http-image-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	a7e7ec1a5ef024ac0ea78bc735314f0f05b9cd3189e6e9d086a066d5bf0b35d1
x86_64	nginx-mod-http-xslt-filter-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	d7a097d95dcd59f3b48248b3c9c495431f04c39dfefe8ec3971127418a2117a3
x86_64	nginx-mod-stream-1.20.1-1.module_el8.8.0+3624+abf02be4.1.alma.1.x86_64.rpm	e9f0bb04ad13e300e9964d56889fdc6e50aaf28a9e8910c24b7e141a22af9639

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.