1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2021:2290

[RHSA-2021:2290] nginx:1.16 security update

Severity Important
Affected Packages 26
CVEs 1
Info Packages References Vulnerabilities

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

Security Fix(es):

  • nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/redhat/nginx?arch=x86_64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx?arch=s390x&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx?arch=ppc64le&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx?arch=aarch64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-stream?arch=x86_64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-stream?arch=s390x&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-stream?arch=ppc64le&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-stream?arch=aarch64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-mail?arch=x86_64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-mail?arch=s390x&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-mail?arch=ppc64le&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-mail?arch=aarch64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=x86_64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=s390x&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=ppc64le&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=aarch64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-perl?arch=x86_64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-perl?arch=s390x&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-perl?arch=ppc64le&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-perl?arch=aarch64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-image-filter?arch=x86_64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-image-filter?arch=s390x&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-image-filter?arch=ppc64le&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-mod-http-image-filter?arch=aarch64&distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-filesystem?distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
pkg:rpm/redhat/nginx-all-modules?distro=redhat-8.4 < 1.16.1-2.module+el8.4.0+11155+68135136.1
ID
RHSA-2021:2290
Severity
important
URL
https://access.redhat.com/errata/RHSA-2021:2290
Published
2021-06-08T00:00:00
(3 years ago)
Modified
2021-06-08T00:00:00
(3 years ago)
Rights
Copyright 2021 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/nginx?arch=x86_64&distro=redhat-8.4 redhat nginx < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 x86_64
Affected pkg:rpm/redhat/nginx?arch=s390x&distro=redhat-8.4 redhat nginx < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 s390x
Affected pkg:rpm/redhat/nginx?arch=ppc64le&distro=redhat-8.4 redhat nginx < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 ppc64le
Affected pkg:rpm/redhat/nginx?arch=aarch64&distro=redhat-8.4 redhat nginx < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 aarch64
Affected pkg:rpm/redhat/nginx-mod-stream?arch=x86_64&distro=redhat-8.4 redhat nginx-mod-stream < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 x86_64
Affected pkg:rpm/redhat/nginx-mod-stream?arch=s390x&distro=redhat-8.4 redhat nginx-mod-stream < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 s390x
Affected pkg:rpm/redhat/nginx-mod-stream?arch=ppc64le&distro=redhat-8.4 redhat nginx-mod-stream < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 ppc64le
Affected pkg:rpm/redhat/nginx-mod-stream?arch=aarch64&distro=redhat-8.4 redhat nginx-mod-stream < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 aarch64
Affected pkg:rpm/redhat/nginx-mod-mail?arch=x86_64&distro=redhat-8.4 redhat nginx-mod-mail < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 x86_64
Affected pkg:rpm/redhat/nginx-mod-mail?arch=s390x&distro=redhat-8.4 redhat nginx-mod-mail < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 s390x
Affected pkg:rpm/redhat/nginx-mod-mail?arch=ppc64le&distro=redhat-8.4 redhat nginx-mod-mail < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 ppc64le
Affected pkg:rpm/redhat/nginx-mod-mail?arch=aarch64&distro=redhat-8.4 redhat nginx-mod-mail < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 aarch64
Affected pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=x86_64&distro=redhat-8.4 redhat nginx-mod-http-xslt-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 x86_64
Affected pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=s390x&distro=redhat-8.4 redhat nginx-mod-http-xslt-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 s390x
Affected pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=ppc64le&distro=redhat-8.4 redhat nginx-mod-http-xslt-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 ppc64le
Affected pkg:rpm/redhat/nginx-mod-http-xslt-filter?arch=aarch64&distro=redhat-8.4 redhat nginx-mod-http-xslt-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 aarch64
Affected pkg:rpm/redhat/nginx-mod-http-perl?arch=x86_64&distro=redhat-8.4 redhat nginx-mod-http-perl < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 x86_64
Affected pkg:rpm/redhat/nginx-mod-http-perl?arch=s390x&distro=redhat-8.4 redhat nginx-mod-http-perl < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 s390x
Affected pkg:rpm/redhat/nginx-mod-http-perl?arch=ppc64le&distro=redhat-8.4 redhat nginx-mod-http-perl < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 ppc64le
Affected pkg:rpm/redhat/nginx-mod-http-perl?arch=aarch64&distro=redhat-8.4 redhat nginx-mod-http-perl < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 aarch64
Affected pkg:rpm/redhat/nginx-mod-http-image-filter?arch=x86_64&distro=redhat-8.4 redhat nginx-mod-http-image-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 x86_64
Affected pkg:rpm/redhat/nginx-mod-http-image-filter?arch=s390x&distro=redhat-8.4 redhat nginx-mod-http-image-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 s390x
Affected pkg:rpm/redhat/nginx-mod-http-image-filter?arch=ppc64le&distro=redhat-8.4 redhat nginx-mod-http-image-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 ppc64le
Affected pkg:rpm/redhat/nginx-mod-http-image-filter?arch=aarch64&distro=redhat-8.4 redhat nginx-mod-http-image-filter < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4 aarch64
Affected pkg:rpm/redhat/nginx-filesystem?distro=redhat-8.4 redhat nginx-filesystem < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4
Affected pkg:rpm/redhat/nginx-all-modules?distro=redhat-8.4 redhat nginx-all-modules < 1.16.1-2.module+el8.4.0+11155+68135136.1 redhat-8.4
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date