Arch Linux: ASA-202303-15 Critical: Nginx-Mainline Vulnerability Patch

Arch Linux Security Advisory ASA-201701-24
=========================================
Severity: High
Date    : 2017-01-15
CVE-ID  : CVE-2016-1247
Package : nginx-mainline
Type    : privilege escalation
Remote  : No
Link    : https://security.archlinux.org/AVG-139

Summary
======
The package nginx-mainline before version 1.11.8-2 is vulnerable to
privilege escalation.

Resolution
=========
Upgrade to 1.11.8-2.

# pacman -Syu "nginx-mainline>=1.11.8-2"

The problem has been fixed upstream but no release is available yet.

Workaround
=========
None.

Description
==========
A symlink attack vulnerability was discovered in nginx. An attacker who
could already run commands under the nginx user id could use this
access to append data to files owned by root, potentially elevating
their own privileges to root.

Impact
=====
A remote attacker who managed to compromise a web application is able
to obtain root privileges on the affected host.

References
=========
https://bugs.archlinux.org/task/52547
https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
https://security.archlinux.org/CVE-2016-1247