An integer overflow vunlerability in nginx range filter module in ngx_http_range_parse() function was found, potentially resulting in memory disclosure when used with 3rd party modules. Issue can be triggered by specially crafted http range request resulting into leaking the content of the cache file header.
Acknowledgments: Name: the Nginx project
Patch: https://nginx.org/download/patch.2017.ranges.txt
Upstream advisory: External References: http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
Created nginx tracking bugs for this issue: Affects: epel-all [bug 1469925] Affects: fedora-all [bug 1469924]
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Via RHSA-2017:2538 https://access.redhat.com/errata/RHSA-2017:2538