Nginx [nginx-announce] unit security advisory (CVE-2019-7401)

eva2000 · 2019-02-08

Hi, A security issue was identified in NGINX Unit, which might allow an attacker to cause a heap memory buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or other...

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Feb 8, 2019.

Previous Thread Next Thread

Feb 8, 2019 #1

eva2000 Administrator Staff Member

58,893

12,490

113

May 24, 2014

Brisbane, Australia

Ratings:

+19,122

Local Time:

1:19 PM

Nginx 1.31.x

MariaDB 10.x/11.4+/12.3+

Hi,

A security issue was identified in NGINX Unit, which might allow an
attacker to cause a heap memory buffer overflow in the router process
with a specially crafted request. This may result in a denial of
service (router process crash) or other unspecified behavior
(CVE-2019-7401).

The issue affects Unit 0.3 - 1.7.
The issue is fixed in Unit 1.7.1.

wbr, Valentin V. Bartenev

_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce

Continue reading...

Previous Thread Next Thread

(You must log in or sign up to reply here.)

Log in / Register

Forums

Join the community today

Nginx [nginx-announce] unit security advisory (CVE-2019-7401)

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

Nginx [nginx-announce] unit security advisory (CVE-2019-7401)

eva2000 Administrator Staff Member

.