GSA-6374-1: Nginx Security Update (Critical)
Gnoppix Security released a critical update for nginx, fixing an integer overflow in string API functions. This vulnerability could allow a remote attacker to cause a denial of service via crafted input.
Gnoppix 23/25 and Gnoppix 25 users must upgrade nginx immediately.
What the vulnerability does
The flaw exists in memory handling. A crafted string triggers an overflow, crashing the service.
Who is affected
All systems running nginx on Gnoppix 23/25 and Gnoppix 25.
How to fix
Update packages via the standard package manager. Restart nginx after the update.
Critical warning: Delaying this update exposes services to remote crash risk. - Please update your systems.