nginx:1.22 security update

2023-11-1123:00:06

Rockylinux Product Errata

errata.rockylinux.org

953

nginx

module update

security fix

http/2 vulnerability

cvss score

rocky linux 9

ddos attack

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

Low

EPSS

0.816

Percentile

98.4%

JSON

An update is available for module.nginx, nginx.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

Security Fix(es):

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
rocky9aarch64nginx< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.aarch64.rpm
rocky9ppc64lenginx< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.ppc64le.rpm
rocky9x86_64nginx< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.x86_64.rpm
rocky9noarchnginx-all-modules< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-all-modules-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.noarch.rpm
rocky9aarch64nginx-core< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-core-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.aarch64.rpm
rocky9ppc64lenginx-core< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-core-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.ppc64le.rpm
rocky9x86_64nginx-core< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-core-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.x86_64.rpm
rocky9aarch64nginx-core-debuginfo< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-core-debuginfo-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.aarch64.rpm
rocky9ppc64lenginx-core-debuginfo< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-core-debuginfo-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.ppc64le.rpm
rocky9x86_64nginx-core-debuginfo< 1.22.1-3.module+el9.2.0+15280+45c505d6.1nginx-core-debuginfo-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	9	aarch64	nginx	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.aarch64.rpm
rocky	9	ppc64le	nginx	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.ppc64le.rpm
rocky	9	x86_64	nginx	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.x86_64.rpm
rocky	9	noarch	nginx-all-modules	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-all-modules-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.noarch.rpm
rocky	9	aarch64	nginx-core	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-core-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.aarch64.rpm
rocky	9	ppc64le	nginx-core	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-core-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.ppc64le.rpm
rocky	9	x86_64	nginx-core	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-core-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.x86_64.rpm
rocky	9	aarch64	nginx-core-debuginfo	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-core-debuginfo-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.aarch64.rpm
rocky	9	ppc64le	nginx-core-debuginfo	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-core-debuginfo-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.ppc64le.rpm
rocky	9	x86_64	nginx-core-debuginfo	< 1.22.1-3.module+el9.2.0+15280+45c505d6.1	nginx-core-debuginfo-1:1.22.1-3.module+el9.2.0+15280+45c505d6.1.x86_64.rpm