nginx packages in hardy/hardy-backports allow null-byte vulnerability in certain configurations
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Hardy Backports | Fix Released | Undecided | Unassigned | |
| nginx (Ubuntu) | Fix Released | Medium | Unassigned | |
Bug Description
This is related to LP #783508.
After more investigation, I've concluded that the issue identified in #783508 affects nginx 0.5, 0.6, 0.7 < 0.7.66, and 0.8 < 0.8.38. The nginx packages in hardy and hardy-backports are based on the 0.5 and 0.6 branches of nginx (respectively), which means they're vulnerable. I've reported this issue upstream as well as to Red Hat (see https:/
I attempted to build a debdiff for the 0.5 branch by applying the relevant changeset from the nginx SVN repository. However, the changeset patch does not apply properly given the differences between the 0.5 and 0.7 branches of nginx. I am not confident in my ability to provide a patch for this issue without potentially breaking the application.
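A quick inventory check for the affected ranges stated in the report above, as an added example that is not part of the bug report or the nginx project: it parses the version out of `nginx -v` output or a `Server:` header and flags it against the branches and fix versions the reporter lists. The sample inventory lines are constructed for illustration; since the report says the flaw depends on configuration, a match here is a reason to patch or review the configuration, not proof of exposure.

```python
import re

# Ranges exactly as stated in the report: all of 0.5.x and 0.6.x are affected,
# 0.7.x is fixed from 0.7.66 and 0.8.x is fixed from 0.8.38. Branches the report
# does not mention (0.9+, 1.x) are treated as "not listed", i.e. not flagged.
ALWAYS_AFFECTED = {(0, 5), (0, 6)}
FIXED_IN = {(0, 7): (0, 7, 66), (0, 8): (0, 8, 38)}

# Matches "nginx/0.7.65" as printed by `nginx -v` ("nginx version: nginx/0.7.65")
# and as sent in the "Server:" response header.
VERSION_RE = re.compile(r"nginx/(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) found in text, or raise ValueError."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no nginx version found in {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version):
    """True if version falls inside the ranges the report lists as vulnerable."""
    branch = version[:2]
    if branch in ALWAYS_AFFECTED:
        return True
    fixed = FIXED_IN.get(branch)
    if fixed is None:
        return False  # branch not covered by the report
    return version < fixed  # tuple comparison: (0,7,65) < (0,7,66)


def triage(lines):
    """Map each inventory line to (version, affected); lines without a version are skipped."""
    results = []
    for line in lines:
        try:
            v = parse_version(line)
        except ValueError:
            continue
        results.append((v, is_affected(v)))
    return results


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = [
        "host-a: nginx version: nginx/0.6.35",
        "host-b: Server: nginx/0.7.66",
        "host-c: Server: nginx/0.8.37",
        "host-d: Server: Apache",
    ]
    for version, affected in triage(inventory):
        print(".".join(map(str, version)), "AFFECTED" if affected else "ok")
```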
Changed in hardy-backports: status: Confirmed → Fix Released
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures