Update Nginx to 9.1.5 (For Linux)
Risk Information
CVE Information
CVE-2013-2028
Associated CVE
CVE-2013-2028
CVE-2009-2629
CVE-2009-4487
CVE-2010-2263
CVE-2013-4547
CVE-2014-0133
CVE-2017-7529
CVE-2016-0746
CVE-2012-2089
CVE-2014-0088
CVE-2016-1247
CVE-2014-3616
CVE-2009-3898
CVE-2011-4963
CVE-2013-2070
CVE-2011-4315
CVE-2014-3556
CVE-2010-2266
CVE-2012-1180
CVE-2016-0742
CVE-2016-4450
CVE-2009-3896
CVE-2013-0337
CVE-2016-0747
Patch Details
No records found
References
http://secunia.com/advisories/48577
http://security.gentoo.org/glsa/glsa-201203-22.xml
http://www.openwall.com/lists/oss-security/2009/11/20/1
http://www.openwall.com/lists/oss-security/2009/11/23/10
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00095.html
http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
http://www.securityfocus.com/bid/66537
http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
http://www.debian.org/security/2016/dsa-3473
http://www.securitytracker.com/id/1034869
http://www.ubuntu.com/usn/USN-2892-1
https://access.redhat.com/errata/RHSA-2016:1425
https://bto.bluecoat.com/security-advisory/sa115
https://bugzilla.redhat.com/show_bug.cgi?id=1302587
https://security.gentoo.org/glsa/201606-06
https://bugzilla.redhat.com/show_bug.cgi?id=1302588
https://bugzilla.redhat.com/show_bug.cgi?id=1302589
http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
http://www.debian.org/security/2016/dsa-3592
http://www.securityfocus.com/bid/90967
http://www.securitytracker.com/id/1036019
http://www.ubuntu.com/usn/USN-2991-1
http://nginx.net/CHANGES
http://nginx.net/CHANGES-0.5
http://nginx.net/CHANGES-0.6
http://nginx.net/CHANGES-0.7
http://www.debian.org/security/2009/dsa-1884
http://www.kb.cert.org/vuls/id/180065
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552035
http://marc.info/?l=nginx&m=125692080328141&w=2
http://www.debian.org/security/2009/dsa-1920
http://www.openwall.com/lists/oss-security/2009/11/20/6
http://www.securityfocus.com/bid/36839
https://bugzilla.redhat.com/show_bug.cgi?id=539565
http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html
http://marc.info/?l=oss-security&m=125897327321676&w=2
http://marc.info/?l=oss-security&m=125897425223039&w=2
http://marc.info/?l=oss-security&m=125900327409842&w=2
http://secunia.com/advisories/36818
http://www.securityfocus.com/archive/1/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html
http://www.securityfocus.com/bid/40760
http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00005.html
http://openwall.com/lists/oss-security/2011/11/17/10
http://openwall.com/lists/oss-security/2011/11/17/8
http://secunia.com/advisories/47097
http://trac.nginx.org/nginx/changeset/4268/nginx
http://www.nginx.org/en/CHANGES-1.0
http://www.securityfocus.com/bid/50710
http://english.securitylab.ru/lab/PT-2012-06
http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html
http://nginx.org/en/security_advisories.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077966.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076646.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076671.html
http://nginx.org/download/patch.2012.memory.txt
http://osvdb.org/80124
http://seclists.org/bugtraq/2012/Mar/65
http://secunia.com/advisories/48465
http://trac.nginx.org/nginx/changeset/4530/nginx
http://trac.nginx.org/nginx/changeset/4531/nginx
http://www.debian.org/security/2012/dsa-2434
http://www.openwall.com/lists/oss-security/2012/03/15/5
http://www.openwall.com/lists/oss-security/2012/03/15/9
http://www.securityfocus.com/bid/52578
http://www.securitytracker.com/id?1026827
https://bugzilla.redhat.com/show_bug.cgi?id=803856
https://exchange.xforce.ibmcloud.com/vulnerabilities/74191
https://hermes.opensuse.org/messages/14173096
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html
http://www.openwall.com/lists/oss-security/2012/04/12/9
http://www.securityfocus.com/bid/52999
http://www.securitytracker.com/id?1026924
https://exchange.xforce.ibmcloud.com/vulnerabilities/74831
http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html
http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
http://nginx.org/download/patch.2013.chunked.txt
http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html
http://www.osvdb.org/93037
http://www.securityfocus.com/bid/59699
http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/
https://github.com/rapid7/metasploit-framework/pull/1834
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
http://nginx.org/download/patch.2013.proxy.txt
http://seclists.org/oss-sec/2013/q2/291
http://www.debian.org/security/2013/dsa-2721
http://www.openwall.com/lists/oss-security/2013/05/13/3
http://www.securityfocus.com/bid/59824
https://bugzilla.redhat.com/show_bug.cgi?id=962525
https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00007.html
http://lists.opensuse.org/opensuse-updates/2013-11/msg00084.html
http://lists.opensuse.org/opensuse-updates/2013-11/msg00118.html
http://lists.opensuse.org/opensuse-updates/2013-11/msg00119.html
http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html
http://secunia.com/advisories/55757
http://secunia.com/advisories/55822
http://secunia.com/advisories/55825
http://www.debian.org/security/2012/dsa-2802
http://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html
http://www.securitytracker.com/id/1030150
http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
http://marc.info/?l=bugtraq&m=142103967620673&w=2
http://nginx.org/download/patch.2014.starttls.txt
https://bugzilla.redhat.com/show_bug.cgi?id=1126891
http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
http://www.debian.org/security/2014/dsa-3029
http://packetstormsecurity.com/files/139750/Nginx-Debian-Based-Distros-Root-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2016/Nov/78
http://seclists.org/fulldisclosure/2017/Jan/33
http://www.debian.org/security/2016/dsa-3701
http://www.securityfocus.com/archive/1/archive/1/539796/100/0/threaded
http://www.securityfocus.com/bid/93903
http://www.securitytracker.com/id/1037104
http://www.ubuntu.com/usn/USN-3114-1
https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
https://security.gentoo.org/glsa/201701-22
https://www.exploit-db.com/exploits/40768/
https://www.youtube.com/watch?v=aTswN1k1fQs
http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
http://www.securityfocus.com/bid/99534
http://www.securitytracker.com/id/1039238
https://access.redhat.com/errata/RHSA-2017:2538
https://puppet.com/security/cve/cve-2017-7529
http://nginx.org/en/download.html