-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ----------------------------------------------------------------------- Debian LTS Advisory DLA-2670-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta May 30, 2021 https://wiki.debian.org/LTS - -----------------------------------------------------------------------
Package : nginx Version : 1.10.3-1+deb9u6 CVE ID : CVE-2021-23017 Debian Bug : 989095 Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one in Nginx, a high-performance web and reverse proxy server, which could result in denial of service and potentially the execution of arbitrary code. For Debian 9 stretch, this problem has been fixed in version 1.10.3-1+deb9u6. We recommend that you upgrade your nginx packages. For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmCzi0AACgkQgj6WdgbD S5Zw8xAAyEgo1VF9XUWja9OsK/uflQJZf7JUybpE5mWOp/lZBUhQcr/nbnAxuBbC Se4KVyZbtc5rnizA5ju6xQ6LKrtL9sL7ZRnLt9k3FcG7fKly/ilJgKSRCt58x+s+ nH1eLQzvGWa+dIooUwolOhwo5CEinkQR38yO90n9vCK7m+M1PgeM1SBSgFZxD2dR Md6zL40EGcms8jRboQQ+VYDdP3nqqhAnnq0oasbCiR+DAWQwhPzVjz322WGz4QMF zYHBeo1dUTAouWV24lwn/iwtkjjTbOlkvWB0x8/lw1yybK6sVpW5rATaSxgRZUoB IqeFF6rr5V9wd3Q5sccgyFi8KjKWL0axNAkCNIESf9z4CGlkR8SyVVjBoBPdmkYY NaCn73KssglctFgF+rr622GlzTsIVBmJ09yyafjBz3JsHBmu5vgPYrLy67buk7/K szpt+skHCVvN3Y6zdmC5xmpHjbdTVWSffA1HBzLUwciNM2T0d7dxEqdarG2NhJc0 5EBfRTS+NNtijNGKT90bmvq/iVzgo3QjXC6Y2MzLYIHSmrVJM/40s9JgccjLCvLv SNmXpIVBoQYKLhnVgk0BciK98BSpoNKje//B3skS7QzpM7uccNfPrvVInaHwn9LY 24ALisHsV8WrSUhDaXfqLcyPEm2qxTbWaXFZ1X+qEPB0hwnUHmU= =gnyZ -----END PGP SIGNATURE-----
