ArchLinux: 201601-31: nginx: denial of service
Summary
- CVE-2016-0742 (denial of service)
Invalid pointer dereference might occur during DNS server response
processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause segmentation fault in a worker process.
- CVE-2016-0746 (denial of service)
Use-after-free condition might occur during CNAME response
processing if the "resolver" directive was used, allowing an attacker
who is able to trigger name resolution to cause segmentation fault in
a worker process, or might have potential other impact.
- CVE-2016-0747 (denial of service)
CNAME resolution was insufficiently limited if the
"resolver" directive was used, allowing an attacker who is able to
trigger arbitrary name resolution to cause excessive resource
consumption in worker processes.
Resolution
Upgrade to 1.8.1-1
# pacman -Syu "nginx>=1.8.1-1"
The problems have been fixed upstream in version 1.8.1.
References
https://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html
Workaround
None.