Question about CVE-2021-23017
alex-wearisma opened this issue · 2 comments
alex-wearisma commented
Hello,
Nginx published security advisory: "1-byte memory overwrite in resolver" [1]. This vulnerability affects Nginx versions 0.6.18-1.20.0. The latest version of Nginx in this build pack is 1.20.0. Does the version included in the build pack covers the vulnerability, and if not, would it be possible to update it to version 1.20.1?
Thank you!
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
[2] #80
beanieboi commented
thx, I released a new version with 1.20.1
alex-wearisma commented
Thank you, @beanieboi !