Updated nginx packages fix security vulnerabilities
Publication date: 17 Feb 2016Modification date: 17 Feb 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0742 , CVE-2016-0746 , CVE-2016-0747
Description
Updated nginx package fixes security vulnerabilities:
Several vulnerabilities were discovered in the resolver in nginx, leading to
denial of service or, potentially, to arbitrary code execution. These only
affect nginx if the "resolver" directive is used in a configuration file
(CVE-2016-0742, CVE-2016-0746, CVE-2016-0747).
References
- https://bugs.mageia.org/show_bug.cgi?id=17631
- http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
- https://www.debian.org/security/2016/dsa-3473
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
SRPMS
5/core
- nginx-1.6.2-5.1.mga5