Security update for nginx SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2003-1 Final 1 1 2017-07-29T09:56:31Z current 2017-07-29T09:56:31Z 2017-07-29T09:56:31Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for nginx This update for nginx fixes the following issues: - CVE-2017-7529: A remote attacker could have used specially crafted requests to trigger an integer overflow the nginx range filter module to leak potentially sensitive information (boo#1048265) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-07/msg00109.html E-Mail link for openSUSE-SU-2017:2003-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 nginx-1.8.1-10.5.1 nginx-1.8.1-10.5.1 as a component of openSUSE Leap 42.2 Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. CVE-2017-7529 openSUSE Leap 42.2:nginx-1.8.1-10.5.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-07/msg00109.html https://www.suse.com/security/cve/CVE-2017-7529.html CVE-2017-7529 https://bugzilla.suse.com/1048265 SUSE Bug 1048265