Need information
Sergey A. Osokin
osa at freebsd.org.ru
Fri Mar 11 09:29:58 UTC 2022
Hi Kumar,
hope you're doing well.
On Fri, Mar 11, 2022 at 02:48:50PM +0530, Gk Gk wrote:
> Hi,
>
> We work on cloud platforms and we have recently come across an nginx
> vulnerability described at
> https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html?_ga=2.60788846.2132221914.1646979909-1951211776.1640153145
>
> We are using Ubuntu 20.04 OS versions which have nginx 1.18 version. We are
> trying to upgrade
> the nginx version to 1.20.1 where this vulnerability is remediated. But we
> need nginx-extras as well. But we can't find the nginx-extras package of
> version 1.20. Only 1.18 is available. Can you suggest what is the best way
> to install nginx 1.20.1 with nginx-extras ?
It seems like the the CVE-2021-23017 has been fixed with the recent
package update,
http://changelogs.ubuntu.com/changelogs/pool/main/n/nginx/nginx_1.18.0-0ubuntu1.2/changelog
Also, I'd recommend to address your question to the maintainer of
the corresponding packages for the Ubuntu Linux.
Hope that helps.
--
Sergey Osokin
More information about the nginx-devel
mailing list