Login
Newsletter
Werbung

Sicherheit: Cross-Site Scripting in nginx
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in nginx
ID: DSA-4750-1
Distribution: Debian
Plattformen: Debian buster
Datum: Do, 27. August 2020, 00:32
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
Applikationen: nginx

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4750-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 26, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : nginx
CVE ID : CVE-2020-11724
Debian Bug : 964950

It was reported that the Lua module for Nginx, a high-performance web
and reverse proxy server, is prone to a HTTP request smuggling
vulnerability.

For the stable distribution (buster), this problem has been fixed in
version 1.14.2-2+deb10u3.

We recommend that you upgrade your nginx packages.

For the detailed security status of nginx please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/nginx

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9GlAhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q+QBAAlo31j8w4zpQNYaxVm7K/lH4TukFPbE79ZSBnuWvtiC59a7AwWbfqCWd5
kkMTicjMYsExEp+jgnFex5W0LEQ/weRE8DHnAaDIEs4V1eJHzj5NxPUB0ZpFJshJ
oLB8lMX5vJDTSynMmBzzY65UTZl8/5CVDxbku8yS1zVXtl3RHxCoHpmzxWrpfkhU
cl9fdNVF2Vn1GENen5PNz9AhOXLp/Px6Y/iSAYjwLPQJPTEHbYtdBnu/p113QUz9
OlvW1A7hVYtpg6JfX2/dQMzhBHetyOwqnLSnWMPPe/MOd0hA9m3//DHmR5mIb263
YsdOL27u3IVf6leSZ4T8KhK1IChHZF1/Kw6VCaIKr4LtWtPJYDM+QE7pXA7s9UIM
eulmVn4q2ppjSCgV9MqlQpEYs7xvkAgaEAakE93FwARliAhtvmo5JXtz29NamGfp
FjfC8wMNGinVL4Xt8Za3na4QFDuBFD936qOL38vyPS6MrOc0H6RoI2aDHDr0YJi/
YlrhIyAQ8anAVqFaueGrfz9AWcLDCWKWa6A7ShIZLRIUlPyUwZ4M0jnQNEw4epva
Y8LqLuDvrG2Zl9saVD0YmkAVh2A2o3xVuiQa1O4wTYQPvAW2WT87yjXsamjGila8
whAgsNA6L2BC2Y9jHCCeYV57e/dibmDrC2QFprEeqDNKZD2a8UE=
=QmrI
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung