[SUSE-SU-2016:1232-1] Security update for nginx-1.0
Severity
Moderate
CVEs
3
Security update for nginx-1.0
This update for nginx-1.0 fixes the following issues:
Security fixes:
- CVE-2016-0742: Invalid pointer dereference during DNS server response processing
- CVE-2016-0747: Resource exhaustion through unlimited CNAME resolution
- CVE-2016-0746: Use-after-free condition during CNAME response processing
- ID
- SUSE-SU-2016:1232-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20161232-1/
- Published
-
2016-05-04T12:28:17
(8 years ago) - Modified
-
2016-05-04T12:28:17
(8 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
ALAS-2016-655
DSA-3473-1
FEDORA-2016-bf03932bb3
FREEBSD:C1C18EE1-C711-11E5-96D6-14DAE9D210B8
GLSA-201606-06
NGINX:CVE-2016-0742
USN-2892-1| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2016:1232-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2016:1232-1 |
|
|
| Bugzilla | SUSE Bug 963775 |
|
|
| Bugzilla | SUSE Bug 963778 |
|
|
| Bugzilla | SUSE Bug 963781 |
|
|
| CVE | SUSE CVE CVE-2016-0742 page |
|
|
| CVE | SUSE CVE CVE-2016-0746 page |
|
|
| CVE | SUSE CVE CVE-2016-0747 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |