Hi,
CVE-2019-20372 mentioned a security vulnerability, but I don't see it in
http://nginx.org/en/security_advisories.html
CVE-2019-20372 did say a fix in nginx 1.17.7. When I check the CHANGES
http://nginx.org/en/CHANGES-1.18, I see bugfix:
*) Bugfix: requests with bodies were handled incorrectly when returning
redirections with the "error_page" directive; the bug had appeared in
0.7.12.
Are those the same thing from this commit
https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e?
Is this really a vulnerability? under what conditions?
Thanks!
Frank
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx