Vulnerability related Doubts in Nginx

Maxim Konovalov maxim at
Tue Mar 22 12:22:48 UTC 2016

On 3/22/16 3:17 PM, Zeal Vora wrote:
> @Maxim :-
> Thanks. Actually we compile Nginx so to include additional modules.
> The solution mentioned in Amazon page is " yum update nginx " is
> something which will not help as we will need the tar.gz / SRPM file
> for that version.
> @Valentin :-
> Thanks, actually we already have 1.8.1 but the reported fix is
> in nginx-1.8.1-1.26 for which I can't find any SRPM / tar.gz file.
The nessus report is about the package version. "nginx-1.8.1-1.26"
is something AWS specific, it doesn't come from

If you built your own package or compiled nginx from the
sources you are safe with 1.8.1.

Maxim Konovalov

More information about the nginx mailing list