Advisories ยป MGASA-2020-0231

Updated nginx packages fix security vulnerability

Publication date: 27 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-20372

Description

Nginx was updated due to the following vulnerabilities:
ngx_http_special_response.c: With a certain error_page configuration,
HTTP request smuggling is possible. Thus, an attacker may be able to
read unauthorized web pages at times when NGINX is being fronted by a
load balancer. (CVE-2019-20372).
                

References

SRPMS

7/core