UbuntuUpdates.org

Bugs fixes in "nginx"

Origin Bug number Title Date fixed
CVE CVE-2021-3618 ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certif 2022-04-12
CVE CVE-2020-11724 An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.ca 2022-04-12
CVE CVE-2020-36309 ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or 2022-04-12
CVE CVE-2021-3618 ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certif 2022-04-12
Launchpad 1875231 [SRU] [20.04] Update NGINX version string to 1.18.0 2020-07-02
Launchpad 1875231 [SRU] [20.04] Update NGINX version string to 1.18.0 2020-07-02
Launchpad 1875231 [SRU] [20.04] Update NGINX version string to 1.18.0 2020-04-29
Launchpad 1875231 [SRU] [20.04] Update NGINX version string to 1.18.0 2020-04-29
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
CVE CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una 2020-01-13
Launchpad 1840404 [regression] 1.14.0-0ubuntu1.4 security update enables TLS1.3 without a choice 2019-08-16
Launchpad 1840404 [regression] 1.14.0-0ubuntu1.4 security update enables TLS1.3 without a choice 2019-08-16
Launchpad 1840404 [regression] 1.14.0-0ubuntu1.4 security update enables TLS1.3 without a choice 2019-08-16
Launchpad 1840404 [regression] 1.14.0-0ubuntu1.4 security update enables TLS1.3 without a choice 2019-08-16



About   -   Send Feedback to @ubuntu_updates