Welcome! Log In Create A New Profile

Advanced

Can I patch a security vulnerability instead of upgrading nginx?

Posted by cpl 
Forum List Message List New Topic
cpl
Can I patch a security vulnerability instead of upgrading nginx?
March 04, 2015 01:25AM
Hi,

There is this nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability affects below nginx 1.1.0

The recommended solution is to upgrade to nginx 1.1.0 and above.
http://www.tenable.com/pvs-plugins/6456

Usually when perfoming such major upgrade on nginx, it will probably introduce to more issues related compatibility or errors etc.
May I know is there any patch which I can applied to this on nginx 1.0.5 instead of upgrading the whole nginx?

Please advise.
Thanks.
Reply Quote
itpp2012
Re: Can I patch a security vulnerability instead of upgrading nginx?
March 04, 2015 08:20AM
Patching may bring more issues then a full upgrade, either to the stable branch or the latest branch. Best advice is to bring it to the latest branch on a proper test system to work out any issues.

---
nginx for Windows http://nginx-win.ecsds.eu/
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 187
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready