https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162021-06-18T13:09:04ZpfSense bugtrackerpfSense - Bug #12061: Update NGINX to address CVE-2021-23017https://redmine.pfsense.org/issues/12061?journal_id=546242021-06-18T13:09:04ZJim Pingle
<ul></ul><p><a class="external" href="http://nginx.org/en/CHANGES">http://nginx.org/en/CHANGES</a> shows it's fixed in 1.20.1, but 1.20.1 is not yet in the ports tree: <a class="external" href="https://github.com/freebsd/freebsd-ports/blob/main/www/nginx/Makefile">https://github.com/freebsd/freebsd-ports/blob/main/www/nginx/Makefile</a></p> pfSense - Bug #12061: Update NGINX to address CVE-2021-23017https://redmine.pfsense.org/issues/12061?journal_id=546682021-06-21T18:37:10ZRenato Botelhorenato@netgate.com
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li><li><strong>Assignee</strong> set to <i>Renato Botelho</i></li></ul><p>I've cherry-picked commits to upgrade it to 1.20.1,2 on RELENG_2_5_2. Development branches will get it on next round of merges from upstream</p> pfSense - Bug #12061: Update NGINX to address CVE-2021-23017https://redmine.pfsense.org/issues/12061?journal_id=546812021-06-22T12:45:03ZJim Pingle
<ul><li><strong>Subject</strong> changed from <i>Update NGINX to Fix Vulnerability</i> to <i>Update NGINX to address CVE-2021-23017</i></li><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Closed</i></li><li><strong>Plus Target Version</strong> changed from <i>Plus-Next</i> to <i>21.09</i></li></ul><p><code>nginx-1.20.1,2</code> is in the latest test build. GUI, XMLRPC, and captive portal are all working as expected.</p>
<p>While I'm here, update subject for the release notes.</p> pfSense - Bug #12061: Update NGINX to address CVE-2021-23017https://redmine.pfsense.org/issues/12061?journal_id=560442021-08-26T12:15:45ZJim Pingle
<ul><li><strong>Category</strong> changed from <i>Web Interface</i> to <i>Operating System</i></li></ul> pfSense - Bug #12061: Update NGINX to address CVE-2021-23017https://redmine.pfsense.org/issues/12061?journal_id=570372021-10-27T11:59:35ZJim Pingle
<ul><li><strong>Plus Target Version</strong> changed from <i>21.09</i> to <i>22.01</i></li></ul>