5209R: Nginx security related update

Posted by: mstauber Category: General

We just released an updated Nginx (1.14.1) for BlueOnyx 5209R, which addresses various security issues.

BlueOnyx 5209R did included Nginx (1.13.9) as optional HTTPS-proxy. Recently it was discovered that this version of Nginx had multiple vulnerabilities in HTTP/2  (CVE-2018-16843, CVE-2018-16844) and as a result upstream had released nginx-1.14.1 stable and nginx-1.15.6 mainline.

We just rolled up a slightly modified nginx-1.14.1 for BlueOnyx 5209R that addresses our HTTPS-proxy needs and released it to the BlueOnyx 5209R yum repositories.


Return
General
Nov 12, 2018 Category: General Posted by: mstauber
Previous page: Development Next page: Mailing List