Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: quay, quay: deps
Labels:
- triaged

Blocked:
False
Ready:
False

RICE Score:
0

SFDC Cases Links:
SFDC Cases Counter:

Description

What problem/issue/behavior are you having trouble with? What do you expect to see?
For the latest version of Quay image still using Nginx version 1.14.1, according to Nginx Security Advisories, the version of Nginx is Vulnerable to CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516, but our 3.1.1 release note stated 'Updated SCL rh-nginx112 (related to CVE-2019-9511, CVE-2019-9513, CVE-2019-9516)'.

Nginx Security Advisories:

http://nginx.org/en/security_advisories.html

Release Notes:

https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_release_notes#rn-3-101

What is the business impact? Please also provide timeframe information.
Security Issue

Attachments

Issue Links

is related to

PROJQUAY-3165 Supported nginx version in Quay's container

Closed

PROJQUAY-4227 Supported nginx version in Quay's container

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Ivan C (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2021/12/08 3:52 PM

Updated:: 2022/12/21 9:12 PM

nginx vulns