diff options
| author | Changqing Li <changqing.li@windriver.com> | 2025-03-04 08:50:28 +0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2025-03-06 09:48:58 -0500 |
| commit | fedd8cf51d6f6a2846bc266a9934e6d218bc2de6 (patch) | |
| tree | a5d981349c533d1a05c190dad6e5a4a3c9286151 /meta-python | |
| parent | 6abfd35755938a30890e909854d39e379230571c (diff) | |
| download | meta-openembedded-fedd8cf51d6f6a2846bc266a9934e6d218bc2de6.tar.gz | |
nginx: fix CVE-2025-23419
CVE-2025-23419:
When multiple server blocks are configured to share the same IP address
and port, an attacker can use session resumption to bypass client
certificate authentication requirements on these servers. This
vulnerability arises when TLS Session Tickets
https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key
are used and/or the SSL session cache
https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache
are used in the default server and the default server is performing
client certificate authentication. Note: Software versions which have
reached End of Technical Support (EoTS) are not evaluated.
Refer:
https://nvd.nist.gov/vuln/detail/CVE-2025-23419
This partially cherry picked from commit
13935cf9fdc3c8d8278c70716417d3b71c36140e, the original patch had 2
parts. One fixed problem in `http/ngx_http_request` module and the
second fixed problem in `stream/ngx_stream_ssl_module` module. The fix
for `stream/ngx_stream_ssl_module can't be aplied because, the 'stream
virtual servers' funcionality was added later in this commit:
https://github.com/nginx/nginx/commit/d21675228a0ba8d4331e05c60660228a5d3326de.
Therefore only `http/ngx_http_request` part was backported.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python')
0 files changed, 0 insertions, 0 deletions