Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 39: FEDORA-2024-8ba5080dfa Critical: Nginx Worker Crash

fedora
Calendar Grey August 26, 2024
Dist Fedora Esm H88
Manipulated AVI files may lead to crashes in Apache HTTP server workers. Critical Ubuntu security patches released today.
Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash (CVE-2024-7347)

Summary

Nginx virtual host traffic status module.

Update Information:

Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash (CVE-2024-7347). Thanks to Nils Bars.

Topics%20covered

Topics Covered

security advisory Fedora update information Denial of Service worker crash nginx-mod-vts

Change Log

* Sat Aug 17 2024 Felix Kaechele - 0.2.2-9 - Rebuild for nginx 1.26.2 * Thu Jul 18 2024 Fedora Release Engineering - 0.2.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

References


[ 1 ] Bug #2305156 - CVE-2024-7347 nginx: Nginx: Specially crafted file may cause Denial of Service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2305156

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-8ba5080dfa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: nginx-mod-vts
Product: Fedora 39
Version: 0.2.2
Release: 9.fc39
URL: https://github.com/vozlt/nginx-module-vts
Summary: Nginx virtual host traffic status module

Topics%20covered

Topics Covered

security advisory Fedora update information Denial of Service worker crash nginx-mod-vts

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here