ELSA-2023-5711

ELSA-2023-5711 - nginx security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2023-10-17

Description

[1:1.20.1-14.0.1.1]
- Resolves: RHEL-12518 - nginx: HTTP/2: Multiple HTTP/2 enabled web servers are
vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

Related CVEs

CVE-2023-44487

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	nginx-1.20.1-14.0.1.el9_2.1.src.rpm	e26f162fdecb3e57c3cc51ea7bfd2d2fe676bcb5d8c7c66f62004fd78b79d233	-	ol9_aarch64_appstream
	nginx-1.20.1-14.0.1.el9_2.1.src.rpm	e26f162fdecb3e57c3cc51ea7bfd2d2fe676bcb5d8c7c66f62004fd78b79d233	-	ol9_aarch64_codeready_builder
	nginx-1.20.1-14.0.1.el9_2.1.aarch64.rpm	6b764ed11f4f18b9c493ffb0f6841b1c5fc73b8ba03002d85433495bc72b0ffc	-	ol9_aarch64_appstream
	nginx-all-modules-1.20.1-14.0.1.el9_2.1.noarch.rpm	3a5522220394720293c96ffba1a832eedaeb2cd45f8816eed1bd3f4243537e7c	-	ol9_aarch64_appstream
	nginx-core-1.20.1-14.0.1.el9_2.1.aarch64.rpm	b5a9d6b517031b5c6030e275937b5248f3960e7f1d64450980ce7637896d839d	-	ol9_aarch64_appstream
	nginx-filesystem-1.20.1-14.0.1.el9_2.1.noarch.rpm	4c8a115a64c36aab019660a14de4b6098ff09921d46048e5ba99b281e3ba63fb	-	ol9_aarch64_appstream
	nginx-mod-devel-1.20.1-14.0.1.el9_2.1.aarch64.rpm	d54a0befe2ff1268709306d204e678f5b8c2f14e8d55324b5de47df57a57eb11	-	ol9_aarch64_codeready_builder
	nginx-mod-http-image-filter-1.20.1-14.0.1.el9_2.1.aarch64.rpm	3ab39d9b1c05f0992559aa5bfb38fed5286f5db2a791d8bceb57b3e1280f5c19	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.20.1-14.0.1.el9_2.1.aarch64.rpm	340f428fb016f2b197438699bf2ae601753b0abe3c59d779d5890568b29d550f	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.20.1-14.0.1.el9_2.1.aarch64.rpm	82c3011addfb43043921e5a2c5b232a4a177eddd04619af1674665a6514bc876	-	ol9_aarch64_appstream
	nginx-mod-mail-1.20.1-14.0.1.el9_2.1.aarch64.rpm	ad934a54670991a53887e76235a6b3d1d045c42bc791ccb003c6461cacf40804	-	ol9_aarch64_appstream
	nginx-mod-stream-1.20.1-14.0.1.el9_2.1.aarch64.rpm	d31b7beb0dc43f5264fb33919229db84ea6c45d73e0d0fb9ada23a1cb9961d5b	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	nginx-1.20.1-14.0.1.el9_2.1.src.rpm	e26f162fdecb3e57c3cc51ea7bfd2d2fe676bcb5d8c7c66f62004fd78b79d233	-	ol9_x86_64_appstream
	nginx-1.20.1-14.0.1.el9_2.1.src.rpm	e26f162fdecb3e57c3cc51ea7bfd2d2fe676bcb5d8c7c66f62004fd78b79d233	-	ol9_x86_64_codeready_builder
	nginx-1.20.1-14.0.1.el9_2.1.x86_64.rpm	0ed6a05f389cd5864b062fa274485d0083e2bfc02306867cb9397b6cadabf633	-	ol9_x86_64_appstream
	nginx-all-modules-1.20.1-14.0.1.el9_2.1.noarch.rpm	3a5522220394720293c96ffba1a832eedaeb2cd45f8816eed1bd3f4243537e7c	-	ol9_x86_64_appstream
	nginx-core-1.20.1-14.0.1.el9_2.1.x86_64.rpm	f285cd6489ebace3d777ccc46bfcdb084cb4da3c6a69bdc3e6f37f59ca739275	-	ol9_x86_64_appstream
	nginx-filesystem-1.20.1-14.0.1.el9_2.1.noarch.rpm	4c8a115a64c36aab019660a14de4b6098ff09921d46048e5ba99b281e3ba63fb	-	ol9_x86_64_appstream
	nginx-mod-devel-1.20.1-14.0.1.el9_2.1.x86_64.rpm	99d52387e8efd85753bfb95e1623f8d6a7bfda0055c306c0d4b5fbd34563dea0	-	ol9_x86_64_codeready_builder
	nginx-mod-http-image-filter-1.20.1-14.0.1.el9_2.1.x86_64.rpm	871c043bafbd289d0de623948c3ee18600a6f7fb541ce5708176e157d667113b	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.20.1-14.0.1.el9_2.1.x86_64.rpm	07824e8e0c81cba4229cf555c00723c1019d86eed7adbc25496a2169bd3b8386	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.20.1-14.0.1.el9_2.1.x86_64.rpm	b0acf0a56a70dcceabb19a3f68cefe8c4a9eedbc86d8b742b07d856de68f3258	-	ol9_x86_64_appstream
	nginx-mod-mail-1.20.1-14.0.1.el9_2.1.x86_64.rpm	36a2908fc77a779eb51e1919e229d496ff880929e742595b77f126e0d8224307	-	ol9_x86_64_appstream
	nginx-mod-stream-1.20.1-14.0.1.el9_2.1.x86_64.rpm	b3a92df2358ed3e1846d6df071efd676ee62b8bdd0719c3ffee589789ebbf1e6	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team