Peb qhov teeb meem tau txheeb xyuas hauv nginx web server (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516) uas ua rau muaj kev nco ntau dhau thaum siv lub module ngx_http_v2_module thiab siv los ntawm HTTP / 2 raws tu qauv. Qhov teeb meem cuam tshuam rau versions ntawm 1.9.5 txog 1.17.2. Txhim kho tau ua rau nginx 1.16.1 ( ceg ruaj khov) thiab 1.17.3 (mainstream). Cov teeb meem tau pom los ntawm Jonathan Looney ntawm Netflix.
Tso tawm 1.17.3 suav nrog ob qho kev kho ntxiv:
- Kho: thaum siv compression, "zero size buf" cov lus tuaj yeem tshwm hauv cov cav; Cov kab no tshwm sim hauv 1.17.2.
- Kho: Ib qho kev ua txhaum segmentation tuaj yeem tshwm sim hauv cov txheej txheem neeg ua haujlwm thaum siv cov lus qhia daws teeb meem hauv SMTP npe.
Tau qhov twg los: linux.org.ru ua