UbuntuUpdates.org

Package "libnginx-mod-nchan"

Name: libnginx-mod-nchan

Description:

Fast, flexible pub/sub server for Nginx

Latest version: 1.16.1-0ubuntu2.1
Release: eoan (19.10)
Level: updates
Repository: universe
Head package: nginx
Homepage: http://nginx.net

Links

Save this URL for the latest version of "libnginx-mod-nchan": https://www.ubuntuupdates.org/libnginx-mod-nchan


Download "libnginx-mod-nchan"


Other versions of "libnginx-mod-nchan" in Eoan

Repository Area Version
base universe 1.16.1-0ubuntu2
security universe 1.16.1-0ubuntu2.1
PPA: Nginx 1.16.1-0+eoan1

Changelog

Version: 1.16.1-0ubuntu2.1 2020-01-13 17:06:58 UTC

  nginx (1.16.1-0ubuntu2.1) eoan-security; urgency=medium

  * SECURITY UPDATE: request smuggling via error_page
    - debian/patches/CVE-2019-20372.patch: discard request body when
      redirecting to a URL via error_page in
      src/http/ngx_http_special_response.c.
    - CVE-2019-20372

 -- Marc Deslauriers <email address hidden> Fri, 10 Jan 2020 14:16:29 -0500

CVE-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read una



About   -   Send Feedback to @ubuntu_updates