ALSA-2023:5711

[ALSA-2023:5711] Moderate: nginx security update

Type:

security

Severity:

moderate

Release date:

2023-10-17

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. 

Security Fix(es):

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-core-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	1383fb6547dbc5a6f86ce41338585e486b832409a64b71760ef581c7cb5586bb
aarch64	nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	19872521ffa39f4792142c7615f352010ffd57705f548698d2a90e1393edfa16
aarch64	nginx-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	5308f49435868a2aa5cc06949ef3e450e3899c7dbef4802193d635d731f91a39
aarch64	nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	5aaa4310c4ea953ae306912d7e793f37be54847b2c6e58a41ed1b0e2861a28bb
aarch64	nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	68a35283e7e271b837b02106cc4f0f8896113d941693d7ee9ee92ad852015910
aarch64	nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	807c1a9c5133eefccef7346681ce50093124699dc79265a3c8e3aaae54f9653e
aarch64	nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	a4a56ee4f5895917a575942e3b38ec676fb7023d47585ef8230ff2932e3c9403
aarch64	nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.aarch64.rpm	b2e24723711e2b7473d285fc8423c1ec08228c7ac156cdef939a9cbf1fc8f5ed
noarch	nginx-all-modules-1.20.1-14.el9_2.1.alma.1.noarch.rpm	224ccfde13a54c23ce3cbe0c073f8f26257baabf4776a292f519f69dbce4166b
noarch	nginx-filesystem-1.20.1-14.el9_2.1.alma.1.noarch.rpm	6eaa0e536cd84cbdd37d9c8634d8cdf4c575e532e35d0331db02fed271820662
ppc64le	nginx-core-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	190d0b8d58f77d0273d19fb69b4ca1b055e27f881281a56917cf660354f35b92
ppc64le	nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	39948c56422906db5de99a2dc4a0fd235733753378ef556f2117d30c5c55db7d
ppc64le	nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	4576e9733969665b20451963e4aa557d1a1aac74d6b9aa13f0d46ec7d5b2d75a
ppc64le	nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	724bea262815445cee214984640b60011426f34794571a3055666d297d1374eb
ppc64le	nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	7de3757c4723b16149f5d1c9e5e2589bfe5aa9c0a8065264bdb9cc00048b26b2
ppc64le	nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	7e9d5d89cd2d09d8b4a1904769703e5dcef718af947344231762a0b875815f41
ppc64le	nginx-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	98d97e4099d65e1382f39441011e4e88443f31502862afaad45f1a41a5c6cc01
ppc64le	nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.ppc64le.rpm	ca3e8d93047c3643a9ec38ddb078aaf820da3bbc754f5825cda92a62b91f2e5c
s390x	nginx-1.20.1-14.el9_2.1.alma.1.s390x.rpm	160c5b5f6609da111597561a8753bdea1437af12af35334872de07ab65a860ff
s390x	nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.s390x.rpm	168a2f091b0b21de7131ef3bd86ff994aecdd373fa14d32cfde9360540a473ef
s390x	nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.s390x.rpm	26aa6a311d41f8b7526eaf0a3d9b2dd7991e599f202043e5bacc641f9c54cf70
s390x	nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.s390x.rpm	7981ddf9f3d033e613f40bace2138c75fca81596dc565f3be57953a9219cf298
s390x	nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.s390x.rpm	92f1c1f803b141eb6ad5f4be17df697df2b4668955993dbe3571073b19fdff0a
s390x	nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.s390x.rpm	95e0c22879ca844a305a3b908cb1338e558967c9504c5afd64bf07ab4d42c215
s390x	nginx-core-1.20.1-14.el9_2.1.alma.1.s390x.rpm	e4c330d3436d8ea41b170928d6050ede927445b14eb5f827315c2fa53d4fab98
s390x	nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.s390x.rpm	f877e75ee9f412650149234ae7f8989c14a6cbb5a11addd08f5a836f1f85a416
x86_64	nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	08475322b050a377845172a2df463d1a6845df3ca19f3f958448be94e4bde009
x86_64	nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	2d4b19593eb4c4a214afea47587bbf019d888506c9ef3ac3a0032f60d50b34df
x86_64	nginx-core-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	48062d2e4f9f9600a706e6323f9c3721a8aa8602f0d5104f13ca48439758a7f8
x86_64	nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	57ee95788de4c8125377cffdb673b3f79ada9c689f7ebf873682ed5fec7107ce
x86_64	nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	597bff4a86d76a6e54a23b95c4843ef872739afc4e27d387ba5c112d9c0e28fc
x86_64	nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	9767e9d7a1d2335dc692143206f1724a552b9c0d34ef005979f7bab06e11a507
x86_64	nginx-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	9ff0800ba4fa2b9bb21a0f503ddb174df9b2afb3e03ae6b3bc82f8e672a30dd1
x86_64	nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.x86_64.rpm	ee9b01bf41a4d15effcf83428a2d1e37d0c8e1b8ceaa3fd65c41ffbb0f7056bf

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.