Red Hat Bugzilla – Bug 1302334
nginx: update for CVE-2016-0742, CVE-2016-0746, CVE-2016-0747 [epel-7]
Last modified: 2017-05-09 04:45:51 EDT
Description of problem:
Current version of Nginx 1.6.3 in EPEL is out-dated and contains vulnerabilities.
Solution: rebase to Nginx 1.8.1
I pushed nginx-1.6.3-8.el7 yesterday with fixes for these CVEs. Please give karma. The update hasn't actually hit updates-testing yet so you will need to download the builds from koji.
I think this one can be safely closed since nginx 1.10 has been in EPEL 7 since Sep 7, 2016: