What is the severity of RHSA-2021:2278?

The severity of RHSA-2021:2278 is classified as important.

How do I fix RHSA-2021:2278?

To fix RHSA-2021:2278, update to version 1.16.1-6.el7 or later of the affected packages.

Which versions of nginx are affected by RHSA-2021:2278?

Versions up to and including 1.16.1-6.el7 of nginx are affected by RHSA-2021:2278.

What is the CVE associated with RHSA-2021:2278?

RHSA-2021:2278 is associated with CVE-2021-23017, which describes an off-by-one error in nginx.

Which Red Hat packages need to be updated for RHSA-2021:2278?

The affected Red Hat packages include rh-nginx116-nginx and its related modules and debuginfo packages.

Vulnerability/
RHSA-2021:2278

7/6/2021

RHSA-2021:2278: Important: rh-nginx116-nginx security update

First published: Mon Jun 07 2021(Updated: )

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. <br>Security Fix(es):<br><li> nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/rh-nginx116-nginx	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-debuginfo	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-image-filter	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-perl	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-xslt-filter	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-mail	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-stream	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-debuginfo	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-image-filter	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-perl	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-xslt-filter	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-mail	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-stream	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-debuginfo	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-image-filter	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-perl	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-http-xslt-filter	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-mail	<1.16.1-6.el7	1.16.1-6.el7
redhat/rh-nginx116-nginx-mod-stream	<1.16.1-6.el7	1.16.1-6.el7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2021:2278?
The severity of RHSA-2021:2278 is classified as important.
How do I fix RHSA-2021:2278?
To fix RHSA-2021:2278, update to version 1.16.1-6.el7 or later of the affected packages.
Which versions of nginx are affected by RHSA-2021:2278?
Versions up to and including 1.16.1-6.el7 of nginx are affected by RHSA-2021:2278.
What is the CVE associated with RHSA-2021:2278?
RHSA-2021:2278 is associated with CVE-2021-23017, which describes an off-by-one error in nginx.
Which Red Hat packages need to be updated for RHSA-2021:2278?
The affected Red Hat packages include rh-nginx116-nginx and its related modules and debuginfo packages.

agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2021:2278
agent/software-canonical-lookup
agent/references
agent/remedy
agent/title
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat