[BlueOnyx:22480] 5209R: Nginx security related update
Michael Stauber
mstauber at blueonyx.it
Mon Nov 12 13:43:15 -05 2018
Hi all,
We just released an updated Nginx (1.14.1) for BlueOnyx 5209R, which
addresses various security issues.
BlueOnyx 5209R did included Nginx (1.13.9) as optional HTTPS-proxy.
Recently it was discovered that this version of Nginx had multiple
vulnerabilities in HTTP/2 (CVE-2018-16843, CVE-2018-16844) and as a
result upstream had released nginx-1.14.1 stable and nginx-1.15.6 mainline.
We just rolled up a slightly modified nginx-1.14.1 for BlueOnyx 5209R
that addresses our HTTPS-proxy needs and released it to the BlueOnyx
5209R yum repositories.
Just run a "yum update" and you should be good to go.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list