-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2283-1 [email protected] https://www.debian.org/lts/security/ July 20, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : nginx Version : 1.10.3-1+deb9u5 CVE ID : CVE-2020-11724 Debian Bug : 964950 An HTTP request smuggling issue was discovered in the ngx_lua plugin for nginx, a high-performance web and reverse proxy server, as demonstrated by the ngx.location.capture API. For Debian 9 stretch, this problem has been fixed in version 1.10.3-1+deb9u5. We recommend that you upgrade your nginx packages. For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl8VmHsACgkQj/HLbo2J BZ+sLwf8DU7DKoekm58xtNZN/Fv2UgTemBii/ZDVrFU7bF47m76CzScGGUaQ98NN GJv5m5DBiRQjHKXHwUMPw8K21FtV4tPsNs0K/Z7G3gtfkIFRwf/LruR4cJv0BVGb Y9+8wuyj2AjjsHmvoYaM+SwZx7y7fS24cnAjhLeuzk7YOszR57FsHkt7vBd1+36M hpticauGXQgUKQ0G6DfH7RH9CG2BX/ScU/YFOeSM+FsrFaz1BDeaB8Nv5l5fIjcQ 0KeSzuOAt/czM9W6D60vTcd0y7/SDwkWYly8yGZWJvCEuVr744Ij3b76Xsu64V0B 5RsAX4B+jN22NVFecudQTDrMx2C3mA== =CM8W -----END PGP SIGNATURE-----
