group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1704151] Re: Security Advisory - July 11 2017: CVE-2017-7529

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Thomas Ward <teward@xxxxxxxxxxx>
Date: Thu, 13 Jul 2017 19:00:54 -0000
Reply-to: Bug 1704151 <1704151@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: nginx (Ubuntu Zesty)
       Status: Confirmed => Fix Released

** Changed in: nginx (Ubuntu Yakkety)
       Status: Confirmed => Fix Released

** Changed in: nginx (Ubuntu Xenial)
       Status: Confirmed => Fix Released

** Changed in: nginx (Ubuntu Trusty)
       Status: Confirmed => Won't Fix

** Changed in: nginx (Ubuntu Trusty)
       Status: Won't Fix => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1704151

Title:
  Security Advisory - July 11 2017: CVE-2017-7529

Status in nginx package in Ubuntu:
  In Progress
Status in nginx source package in Trusty:
  Fix Released
Status in nginx source package in Xenial:
  Fix Released
Status in nginx source package in Yakkety:
  Fix Released
Status in nginx source package in Zesty:
  Fix Released
Status in nginx source package in Artful:
  In Progress

Bug description:
  It was reported by NGINX that there was a security vulnerability.
  Specifically that:

  A specially crafted request might result in an integer overflow and
  incorrect processing of ranges in the range filter, potentially
  resulting in sensitive information leak.

  ------

  Refer to original notice here: http://mailman.nginx.org/pipermail
  /nginx-announce/2017/000200.html

  Copy of the message contents below:

  Hello!

  A security issue was identified in nginx range filter.  A specially
  crafted request might result in an integer overflow and incorrect
  processing of ranges, potentially resulting in sensitive information
  leak (CVE-2017-7529).

  When using nginx with standard modules this allows an attacker to
  obtain a cache file header if a response was returned from cache.
  In some configurations a cache file header may contain IP address
  of the backend server or other sensitive information.

  Besides, with 3rd party modules it is potentially possible that
  the issue may lead to a denial of service or a disclosure of
  a worker process memory.  No such modules are currently known though.

  The issue affects nginx 0.5.6 - 1.13.2.
  The issue is fixed in nginx 1.13.3, 1.12.1.

  For older versions, the following configuration can be used
  as a temporary workaround:

      max_ranges 1;

  Patch for the issue can be found here:

  http://nginx.org/download/patch.2017.ranges.txt

  
  -- 
  Maxim Dounin
  http://nginx.org/

  ------

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1704151/+subscriptions