Skip to content

Commit

Permalink
FIX: update NGINX, NGINX Plus, NJS, and NGINX XSLT module to newest v…
Browse files Browse the repository at this point in the history 
…ersions (#184)

The vulnerability was not applicable to how this project operates but we are updating as a cautionary measure.  Many thanks to @saipraveen88 for flagging the issue.

CVE: GHSA-qppj-fm5r-hxr3
NGINX Blog post on the topic: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
  • Loading branch information
@4141done
4141done authored Oct 25, 2023
1 parent 085ae0f commit 632bf95
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 14 deletions.
10 changes: 5 additions & 5 deletions Dockerfile.buildkit.plus
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
FROM debian:bullseye-slim
FROM debian:bookworm-slim

ENV NGINX_PLUS_VERSION 29-1
ENV NGINX_VERSION 1.23.4
ENV NJS_VERSION 29+0.7.12-1
ENV XSLT_VERSION 29-1
ENV NGINX_PLUS_VERSION 30-2
ENV NGINX_VERSION 1.25.1
ENV NJS_VERSION 30+0.8.0-1
ENV XSLT_VERSION 30-1

ENV PROXY_CACHE_MAX_SIZE "10g"
ENV PROXY_CACHE_INACTIVE "60m"
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.latest-njs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ FROM nginx-s3-gateway
RUN set -eux \
export DEBIAN_FRONTEND=noninteractive; \
apt-get update -qq; \
apt-get install --no-install-recommends --no-install-suggests --yes make gcc libc6-dev curl expect libpcre2-dev libpcre3-dev libedit-dev libreadline-dev libssl-dev libpcre2-posix2 libxml2-dev libxslt1-dev zlib1g-dev; \
apt-get install --no-install-recommends --no-install-suggests --yes make gcc libc6-dev curl expect libpcre2-dev libpcre3-dev libedit-dev libreadline-dev libssl-dev libpcre2-posix3 libxml2-dev libxslt1-dev zlib1g-dev; \
mkdir -p /tmp/nginx /tmp/njs-latest; \
curl --retry 6 --location "https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" \
| gunzip | tar --extract --strip-components=1 --directory /tmp/nginx; \
Expand Down
6 changes: 3 additions & 3 deletions Dockerfile.oss
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
FROM nginx:1.24.0
FROM nginx:1.25.3

ENV NGINX_VERSION "1.24.0"
ENV NJS_VERSION 0.7.12
ENV NGINX_VERSION "1.25.3"
ENV NJS_VERSION "0.8.2"

ENV PROXY_CACHE_MAX_SIZE "10g"
ENV PROXY_CACHE_INACTIVE "60m"
Expand Down
10 changes: 5 additions & 5 deletions Dockerfile.plus
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
FROM debian:bullseye-slim
FROM debian:bookworm-slim

ENV NGINX_PLUS_VERSION 29-1
ENV NGINX_VERSION 1.23.4
ENV NJS_VERSION 29+0.7.12-1
ENV XSLT_VERSION 29-1
ENV NGINX_PLUS_VERSION 30-2
ENV NGINX_VERSION 1.25.1
ENV NJS_VERSION 30+0.8.0-1
ENV XSLT_VERSION 30-1

ENV PROXY_CACHE_MAX_SIZE "10g"
ENV PROXY_CACHE_INACTIVE "60m"
Expand Down

0 comments on commit 632bf95

Please sign in to comment.