Debian Security Advisory
DSA-3908-1 nginx -- security update
- Date Reported:
- 12 Jul 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-7529.
- More information:
An integer overflow has been found in the HTTP range module of Nginx, a high-performance web and reverse proxy server, which may result in information disclosure.
For the oldstable distribution (jessie), this problem has been fixed in version 1.6.2-5+deb8u5.
For the stable distribution (stretch), this problem has been fixed in version 1.10.3-1+deb9u1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your nginx packages.