ALSA-2023:5713

[ALSA-2023:5713] Moderate: nginx:1.22 security update

Type:

security

Severity:

moderate

Release date:

2023-10-17

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. 

Security Fix(es):

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-mod-devel-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	0b3e84f5aabb8bec7563ef39cafbf073c2f1af29e574234fb1b2c9ce6c460e6b
aarch64	nginx-mod-http-perl-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	2698c6e4040bedd32791fc16965e3da9afe372eea49ed8097851d9d1944936e2
aarch64	nginx-mod-stream-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	71a2bfa61eae056468db7520296fc927861626d5579c3545a23047adef2dac0f
aarch64	nginx-mod-http-xslt-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	7e6eb10c37624f43460af2ace56d78c540112b7254492d3db5657e83225e9ac3
aarch64	nginx-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	d8baea0ba20e015f9e28a888466f4664b05e30cc098ad02cdfb0667af6b4fe38
aarch64	nginx-mod-http-image-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	e440d1643dd35e00582c26fb6f4d6f03a808c5e18bf8cd8fab6704e0874eeca1
aarch64	nginx-mod-mail-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.aarch64.rpm	e6d47cf2bda9661df2820048d4633c6d15c69c1614265e802e7da90246c36ce6
noarch	nginx-filesystem-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.noarch.rpm	70778d0027306eba4485f388a9025c8899e4b6b93932e1a897e78ffed59145f4
noarch	nginx-all-modules-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.noarch.rpm	92403518d2ed3bde3573db0069874267ba9c58c6b12a382e820ebc2834983bc3
ppc64le	nginx-mod-http-image-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	33f9f5995df761297e47138ae8be8ede16532da56ba37ee3f2d78220e32487cb
ppc64le	nginx-mod-devel-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	40d451a91dd9fa4a8811a347825725bd0d3be67a749c88831c06c15b10a0d1b1
ppc64le	nginx-mod-http-xslt-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	4b1e309aeef4f58380ebe05645317cbb0d43c7708d71db73a3fadf0d8984ffd5
ppc64le	nginx-mod-http-perl-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	b4f12429c28b2d0bf4754a4a3328b651e3a3e9ddec16a2ce6958a1a66e6990ec
ppc64le	nginx-mod-mail-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	d7a40175eee38acea82e026069c524ee292fca59a19d1fc333dfba15794a0fb0
ppc64le	nginx-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	dd08e753a9e815f29a82f5bb1d717e29e7d6af6bfadc4d998298aff10a98c20c
ppc64le	nginx-mod-stream-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.ppc64le.rpm	e1c37d54ce1d423fdc62639be4cbcf5ca49dff597227974fb8f25bd87a559e77
s390x	nginx-mod-http-xslt-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	061ff2271b4ca8ee6c07612d51c170cf7dfab46e8f685dea47e044acfa0b1435
s390x	nginx-mod-stream-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	240a21a5553b0c0f19a453a96e4c8d798a0a178bda5bc2042eec8a30e5c91b5c
s390x	nginx-mod-http-image-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	2c5eed33b5d6d6233b7e2eaaacd03cf59e85c601e782ef23d734f5d3a06cdf40
s390x	nginx-mod-mail-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	3625409347e5a6414fe218a0ec9e7a68444831cd9d3512dab24b7019ee97bc8e
s390x	nginx-mod-http-perl-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	3d629be0a7e19c80da59e4909adc08986961500089c523a1013b886bb0a3c4f0
s390x	nginx-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	a02c6c3d8e2eb64d508f53c0578e748cfe942bc60b5341c04ca541662a8c3e18
s390x	nginx-mod-devel-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.s390x.rpm	adb3451f69c9cf5b05f556c023e18f60e851d0bb56362b4a6d7e15e2250cdb84
x86_64	nginx-mod-mail-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	09dc8e6dd1303b7984cf6ed4ba7955c125f8afd9017f7137add06e9ea1a10013
x86_64	nginx-mod-http-perl-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	1d7e0002ebecd121951a444101fb2ede4f01af9cc559c0017049b51421bf059f
x86_64	nginx-mod-http-xslt-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	2d3d71c5869354baf684b6ceea52aa9598672264424c9068bdafeb9edae4dbb0
x86_64	nginx-mod-http-image-filter-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	5517d3c7eca1d8d44a71f0329b1dbe0657c80bc4f8eab0fbea3b4909167793a4
x86_64	nginx-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	8e7086ae69ef0a7abcefde17a4ac3bb22c8adf632ca084db8567d614548a0117
x86_64	nginx-mod-devel-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	9b64e5471cd5b3dd2199b4358606f932c6f66b4c4914410cbd0696a7c426b8cd
x86_64	nginx-mod-stream-1.22.1-1.module_el8.8.0+3623+f96e6422.1.alma.1.x86_64.rpm	9fad7e8cb407ef43bcb3b94600963ce5002e4289b2c55a549f92a3cf4fb0f5cc

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.