[Pkg-nginx-maintainers] Bug#986787: CVE-2020-36309
Moritz Muehlenhoff
jmm at debian.org
Mon Apr 12 09:42:52 BST 2021
Package: libnginx-mod-http-lua
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
Hi,
this affects the lua module as bundled in the Debian nginx package
(originally reported/fixed by OpenResty), not sure what the canonical
upstream repo is for that module:
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
Cheers,
Moritz
More information about the Pkg-nginx-maintainers
mailing list