[nginx-announce] nginx-1.20.1
Maxim Dounin
mdounin at mdounin.ru
Tue May 25 15:37:48 UTC 2021
Changes with nginx 1.20.1 25 May 2021
*) Security: 1-byte memory overwrite might occur during DNS server
response processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause worker process crash or, potentially, arbitrary code execution
(CVE-2021-23017).
--
Maxim Dounin
http://nginx.org/
More information about the nginx-announce
mailing list