USN-5722-1: nginx vulnerabilities
15 November 2022
Several security issues were fixed in nginx.
Releases
Packages
- nginx - small, powerful, scalable web/proxy server
Details
It was discovered that nginx incorrectly handled certain memory operations in
the ngx_http_mp4_module module. A local attacker could possibly use this issue
with a specially crafted mp4 file to cause nginx to crash, stop responding, or
access arbitrary memory. (CVE-2022-41741, CVE-2022-41742)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10
-
nginx-common
-
1.22.0-1ubuntu1.1
-
nginx-light
-
1.22.0-1ubuntu1.1
-
nginx-extras
-
1.22.0-1ubuntu1.1
-
nginx-core
-
1.22.0-1ubuntu1.1
-
nginx
-
1.22.0-1ubuntu1.1
-
nginx-full
-
1.22.0-1ubuntu1.1
Ubuntu 22.04
-
nginx-common
-
1.18.0-6ubuntu14.3
-
nginx-light
-
1.18.0-6ubuntu14.3
-
nginx-extras
-
1.18.0-6ubuntu14.3
-
nginx-core
-
1.18.0-6ubuntu14.3
-
nginx
-
1.18.0-6ubuntu14.3
-
nginx-full
-
1.18.0-6ubuntu14.3
Ubuntu 20.04
-
nginx-common
-
1.18.0-0ubuntu1.4
-
nginx-light
-
1.18.0-0ubuntu1.4
-
nginx-extras
-
1.18.0-0ubuntu1.4
-
nginx-core
-
1.18.0-0ubuntu1.4
-
nginx
-
1.18.0-0ubuntu1.4
-
nginx-full
-
1.18.0-0ubuntu1.4
Ubuntu 18.04
-
nginx-common
-
1.14.0-0ubuntu1.11
-
nginx-light
-
1.14.0-0ubuntu1.11
-
nginx-extras
-
1.14.0-0ubuntu1.11
-
nginx-core
-
1.14.0-0ubuntu1.11
-
nginx
-
1.14.0-0ubuntu1.11
-
nginx-full
-
1.14.0-0ubuntu1.11
Ubuntu 16.04
-
nginx-extras
-
1.10.3-0ubuntu0.16.04.5+esm5
Available with Ubuntu Pro
-
nginx-core
-
1.10.3-0ubuntu0.16.04.5+esm5
Available with Ubuntu Pro
-
nginx-common
-
1.10.3-0ubuntu0.16.04.5+esm5
Available with Ubuntu Pro
-
nginx-full
-
1.10.3-0ubuntu0.16.04.5+esm5
Available with Ubuntu Pro
-
nginx
-
1.10.3-0ubuntu0.16.04.5+esm5
Available with Ubuntu Pro
-
nginx-light
-
1.10.3-0ubuntu0.16.04.5+esm5
Available with Ubuntu Pro
Ubuntu 14.04
-
nginx-extras
-
1.4.6-1ubuntu3.9+esm4
Available with Ubuntu Pro
-
nginx-core
-
1.4.6-1ubuntu3.9+esm4
Available with Ubuntu Pro
-
nginx-common
-
1.4.6-1ubuntu3.9+esm4
Available with Ubuntu Pro
-
nginx-full
-
1.4.6-1ubuntu3.9+esm4
Available with Ubuntu Pro
-
nginx
-
1.4.6-1ubuntu3.9+esm4
Available with Ubuntu Pro
-
nginx-light
-
1.4.6-1ubuntu3.9+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.