nginx

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Lightweight HTTP server and IMAP/POP3 proxy server
Version 1.14.0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-345 1.12.0-2 1.12.1-1 High Fixed
AVG-138 1.10.2-2 1.10.2-3 High Fixed FS#52546
Issue Group Severity Remote Type Description
CVE-2017-7529 AVG-345 High Yes Information disclosure
A security issue was identified in the range filter module of nginx < 1.13.3. A specially crafted request might result in an integer overflow and incorrect...
CVE-2016-1247 AVG-138 High No Privilege escalation
A symlink attack vulnerability was discovered in nginx. An attacker who could already run commands under the nginx user id could use this access to append...

Advisories

Date Advisory Group Severity Description
12 Jul 2017 ASA-201707-11 AVG-345 High information disclosure
15 Jan 2017 ASA-201701-23 AVG-138 High privilege escalation