Learn about Centmin Mod LEMP Stack today
Register Now

Beta Branch patch Nginx std zlib & Cloudflare zlib for CVE-2022-37434 in 130.00beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Sep 3, 2022.

  1. eva2000

    eva2000 Administrator Staff Member

    55,180
    12,251
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,829
    Local Time:
    7:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    patch Nginx std zlib & Cloudflare zlib for CVE-2022-37434 in 130.00beta01

    - patch security fix for both standard zlib & Cloudflare zlib libraries used by Nginx for CVE-2022-37434 2116639 – (CVE-2022-37434) CVE-2022-37434 zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434
    - also fix GCC routines for zlib for el9's GCC 11 compatibility

    Continue reading...


    130.00beta01 branch

    Support Centmin Mod


    If you find Centmin Mod useful, please help support Centmin Mod
     
  2. eva2000

    eva2000 Administrator Staff Member

    55,180
    12,251
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,829
    Local Time:
    7:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Existing users can just run command: cmupdate

    Then run centmin.sh menu option 4 to recompile Nginx's zlib library with the patch.