—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
– ————————————————————————-
Debian Security Advisory DSA-4750-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 26, 2020 https://www.debian.org/security/faq
– ————————————————————————-
Package : nginx
CVE ID : CVE-2020-11724
Debian Bug : 964950
It was reported that the Lua module for Nginx, a high-performance web
and reverse proxy server, is prone to a HTTP request smuggling
vulnerability.
For the stable distribution (buster), this problem has been fixed in
version 1.14.2-2+deb10u3.
We recommend that you upgrade your nginx packages.
For the detailed security status of nginx please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/nginx
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9GlAhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q+QBAAlo31j8w4zpQNYaxVm7K/lH4TukFPbE79ZSBnuWvtiC59a7AwWbfqCWd5
kkMTicjMYsExEp+jgnFex5W0LEQ/weRE8DHnAaDIEs4V1eJHzj5NxPUB0ZpFJshJ
oLB8lMX5vJDTSynMmBzzY65UTZl8/5CVDxbku8yS1zVXtl3RHxCoHpmzxWrpfkhU
cl9fdNVF2Vn1GENen5PNz9AhOXLp/Px6Y/iSAYjwLPQJPTEHbYtdBnu/p113QUz9
OlvW1A7hVYtpg6JfX2/dQMzhBHetyOwqnLSnWMPPe/MOd0hA9m3//DHmR5mIb263
YsdOL27u3IVf6leSZ4T8KhK1IChHZF1/Kw6VCaIKr4LtWtPJYDM+QE7pXA7s9UIM
eulmVn4q2ppjSCgV9MqlQpEYs7xvkAgaEAakE93FwARliAhtvmo5JXtz29NamGfp
FjfC8wMNGinVL4Xt8Za3na4QFDuBFD936qOL38vyPS6MrOc0H6RoI2aDHDr0YJi/
YlrhIyAQ8anAVqFaueGrfz9AWcLDCWKWa6A7ShIZLRIUlPyUwZ4M0jnQNEw4epva
Y8LqLuDvrG2Zl9saVD0YmkAVh2A2o3xVuiQa1O4wTYQPvAW2WT87yjXsamjGila8
whAgsNA6L2BC2Y9jHCCeYV57e/dibmDrC2QFprEeqDNKZD2a8UE=
=QmrI
—–END PGP SIGNATURE—–