Kindly confirm if CVE-2021-23017 is fixed in nginx=1.18.0-6ubuntu14.3

Asked by Rajesh Mylapore Jayavelu

Kindly confirm if CVE-2021-23017 is fixed in nginx=1.18.0-6ubuntu14.3 as im unable to check the change log

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu nginx Edit question
Assignee:
No assignee Edit question
Solved by:
Thomas Ward
Solved:
Last query:
Last reply:
Revision history for this message
Rajesh Mylapore Jayavelu (rajeshjayavelu) said :
#2

Ign:1 https://changelogs.ubuntu.com nginx 1.18.0-6ubuntu14.3 Changelog
Ign:1 https://changelogs.ubuntu.com nginx 1.18.0-6ubuntu14.3 Changelog
Ign:1 https://changelogs.ubuntu.com nginx 1.18.0-6ubuntu14.3 Changelog
Err:1 https://changelogs.ubuntu.com nginx 1.18.0-6ubuntu14.3 Changelog
  Changelog unavailable for nginx=1.18.0-6ubuntu14.3 (Could not handshake: Error in the pull function. [IP: XXXXXXXX 443])
E: Failed to fetch https://changelogs.ubuntu.com/changelogs/pool/main/n/nginx/nginx_1.18.0-6ubuntu14.3/changelog Changelog unavailable for nginx=1.18.0-6ubuntu14.3 (Could not handshake: Error in the pull function. [IP: XXXXXX 443])

Revision history for this message
Best Thomas Ward (teward) said :
#3

the Ubuntu CVE tracker contains this info too.

https://ubuntu.com/security/CVE-2021-23017

This is marked as fixed in all Ubuntu releases so yes it's fixed.

Revision history for this message
Bernard Stafford (bernard010) said :
#4
Revision history for this message
Rajesh Mylapore Jayavelu (rajeshjayavelu) said :
#5

nginx=1.18.0-6ubuntu14.3 has been installed on top of Ubuntu 20.4 docker image.

Revision history for this message
Rajesh Mylapore Jayavelu (rajeshjayavelu) said :
#6

Thanks Thomas Ward, that solved my question.