[SECURITY] [DLA 2283-1] nginx security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2283-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/
July 20, 2020 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : nginx
Version : 1.10.3-1+deb9u5
CVE ID : CVE-2020-11724
Debian Bug : 964950
An HTTP request smuggling issue was discovered in the ngx_lua plugin
for nginx, a high-performance web and reverse proxy server, as
demonstrated by the ngx.location.capture API.
For Debian 9 stretch, this problem has been fixed in version
1.10.3-1+deb9u5.
We recommend that you upgrade your nginx packages.
For the detailed security status of nginx please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nginx
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl8VmHsACgkQj/HLbo2J
BZ+sLwf8DU7DKoekm58xtNZN/Fv2UgTemBii/ZDVrFU7bF47m76CzScGGUaQ98NN
GJv5m5DBiRQjHKXHwUMPw8K21FtV4tPsNs0K/Z7G3gtfkIFRwf/LruR4cJv0BVGb
Y9+8wuyj2AjjsHmvoYaM+SwZx7y7fS24cnAjhLeuzk7YOszR57FsHkt7vBd1+36M
hpticauGXQgUKQ0G6DfH7RH9CG2BX/ScU/YFOeSM+FsrFaz1BDeaB8Nv5l5fIjcQ
0KeSzuOAt/czM9W6D60vTcd0y7/SDwkWYly8yGZWJvCEuVr744Ij3b76Xsu64V0B
5RsAX4B+jN22NVFecudQTDrMx2C3mA==
=CM8W
-----END PGP SIGNATURE-----
Reply to: