5209R: Nginx security related update
We just released an updated Nginx (1.14.1) for BlueOnyx 5209R, which addresses various security issues.
BlueOnyx 5209R did included Nginx (1.13.9) as optional HTTPS-proxy. Recently it was discovered that this version of Nginx had multiple vulnerabilities in HTTP/2 (CVE-2018-16843, CVE-2018-16844) and as a result upstream had released nginx-1.14.1 stable and nginx-1.15.6 mainline.
We just rolled up a slightly modified nginx-1.14.1 for BlueOnyx 5209R that addresses our HTTPS-proxy needs and released it to the BlueOnyx 5209R yum repositories.
← Return
General