Hi Kumar, hope you're doing well.
On Fri, Mar 11, 2022 at 02:48:50PM +0530, Gk Gk wrote: > Hi, > > We work on cloud platforms and we have recently come across an nginx > vulnerability described at > https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html?_ga=2.60788846.2132221914.1646979909-1951211776.1640153145 > > We are using Ubuntu 20.04 OS versions which have nginx 1.18 version. We are > trying to upgrade > the nginx version to 1.20.1 where this vulnerability is remediated. But we > need nginx-extras as well. But we can't find the nginx-extras package of > version 1.20. Only 1.18 is available. Can you suggest what is the best way > to install nginx 1.20.1 with nginx-extras ? It seems like the the CVE-2021-23017 has been fixed with the recent package update, http://changelogs.ubuntu.com/changelogs/pool/main/n/nginx/nginx_1.18.0-0ubuntu1.2/changelog Also, I'd recommend to address your question to the maintainer of the corresponding packages for the Ubuntu Linux. Hope that helps. -- Sergey Osokin _______________________________________________ nginx-devel mailing list -- nginx-devel@nginx.org To unsubscribe send an email to nginx-devel-le...@nginx.org
