Hello, I have a question regarding the nginx package. I’ve noticed that there are some known issues with the version of nginx being used in EPEL, which is 1.10 at the moment.
1. CVE-2017-7529 2. CVE-2016-4450 Reference : http://nginx.org/en/security_advisories.html Where can I find the answers to the following questions? 1. Are these security advisories considered important enough to be fixed by the package maintainer? 2. Will they be backported from newer upstream versions? 3. Will the package be bumped to a newer upstream version altogether? 4. Is there a way I can help with maintaining the nginx package? Thanks, David
_______________________________________________ epel-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
