Nginx Security Update For All Nginx installations upto version 1.4.0

Category : Linux Helpline (Easy Guide)
Posted on : Apr 09, 2019
Views : 1,654
By : Zane P.

Greg MacManus, of iSIGHT Partners Labs, found a security problem
in several recent versions of nginx. A stack-based buffer
overflow might occur in a worker process while handling a
specially crafted request, potentially resulting in arbitrary code
execution (CVE-2013-2028).

The problem affects nginx 1.3.9 – 1.4.0.

The problem is fixed in nginx 1.5.0, 1.4.1.

Patch for the problem can be found here:

http://nginx.org/download/patch.2013.chunked.txt

As a temporary workaround the following configuration

can be used in each server{} block

    if ($http_transfer_encoding ~* chunked) {
        return 444;
    }

UPDATE YOUR CPNGINX :

For updating the cPnginx run the following commands,

# /scripts/installnginx --version=1.4.1

UPDATE YOUR DANGINX :

For updating the Danginx please run the following command,

 
# /usr/local/directadmin/scripts/installnginx --version=1.4.1

Previous Post
CSF Directadmin Issue Permission denied – Solved

Next Post
How to configure Zimbra + CSF – The Best Zimbra Firewall Configuration

Archive Calendar

Sat	Sun	Mon	Tue	Wed	Thu	Fri
	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Over 20000 Satisfied Customers!

Valerie Quinn
CTO, Acteon Group

Centriohost staff were fantastic, I had a concern with a domain and they got back to me very quickly and they helped me to resolve the issue! ~ . . . Read more

Collin Bryan
Photographer, Allister Freeman

I'm using centrio for my portfolio since 2006. The transition was seamless, the support was immediate, and everything works perfectly. ~ . . . Read more

Harry Collett
Actor, A&J Artists

Very easy to understand & use even though I am not very technologically minded. No complications whatsoever & I wouldn't hesitate to recommend it to all. ~ . . . Read more

Porfirio Santos
Technician, Diageo PLC

Centrio support team have been amazingly responsive and helpful to any of my queries, thank you so much to the Centriohost have been amazingly responsive and helpful to any of my queries 👍👍👍 ~ . . . Read more

Catherine Auer
Doctor, SmartClinics

Anytime I've had a problem I can't solve, I've found Centriohost to be diligent and persistent. They simply won't let an issue go until the client is happy. ~ . . . Read more

Effectivo Social
Freelancer, Fiverr

Recommend their shared hosting for all my SME web design clients. Their cloud or VME offerings are too great to deal with. Pricing is perfect and suitable for all users (͠≖ ͜ʖ͠≖) 👌 ~ . . . Read more

CentrioHost Blog