Discover Centmin Mod today
Register Now

Nginx [nginx-announce] unit security advisory (CVE-2019-7401)

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Feb 8, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    41,095
    9,195
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,106
    Local Time:
    7:47 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Hi,

    A security issue was identified in NGINX Unit, which might allow an
    attacker to cause a heap memory buffer overflow in the router process
    with a specially crafted request. This may result in a denial of
    service (router process crash) or other unspecified behavior
    (CVE-2019-7401).

    The issue affects Unit 0.3 - 1.7.
    The issue is fixed in Unit 1.7.1.

    wbr, Valentin V. Bartenev

    _______________________________________________
    nginx-announce mailing list
    [email protected]
    http://mailman.nginx.org/mailman/listinfo/nginx-announce

    Continue reading...