starred/docker-nginx-full
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/docker-nginx-full.git synced 2026-04-24 22:55:58 +03:00
Code Issues 19 Projects Releases Packages Wiki Activity

[GH-ISSUE #1] OpenSSL needs urgent update (CVE-2021-3711 and CVE-2021-3712) #2

New issue
Closed
opened 2026-02-27 14:58:04 +03:00 by kerem · 2 comments
kerem commented 2026-02-27 14:58:04 +03:00
Owner
Copy link

Originally created by @mgutt on GitHub (Aug 31, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/docker-nginx-full/issues/1

This Debian release contains OpenSSL 1.1.1d, but we need 1.1.1l:
https://www.openssl.org/news/secadv/20210824.txt

image

image

EDIT: Ok, I found out that Debian fixed 1.1.1d, so we don't need to update to 1.1.1l:
https://security-tracker.debian.org/tracker/CVE-2021-3711

Verified as follows:

apt list -a openssl
Listing... Done
openssl/oldstable,now 1.1.1d-0+deb10u7 amd64 [installed]
openssl/oldstable 1.1.1d-0+deb10u6 amd64
Originally created by @mgutt on GitHub (Aug 31, 2021). Original GitHub issue: https://github.com/NginxProxyManager/docker-nginx-full/issues/1 This Debian release contains OpenSSL 1.1.1d, but we need 1.1.1l: https://www.openssl.org/news/secadv/20210824.txt ![image](https://user-images.githubusercontent.com/10757176/131495302-7b9d6f93-4740-4798-92f1-661156e4d23f.png) ![image](https://user-images.githubusercontent.com/10757176/131499393-d573d0d4-9e43-4eeb-8c10-13677dcdddac.png) EDIT: Ok, I found out that Debian fixed 1.1.1d, so we don't need to update to 1.1.1l: https://security-tracker.debian.org/tracker/CVE-2021-3711 Verified as follows: ``` apt list -a openssl Listing... Done openssl/oldstable,now 1.1.1d-0+deb10u7 amd64 [installed] openssl/oldstable 1.1.1d-0+deb10u6 amd64 ```
kerem closed this issue 2026-02-27 14:58:04 +03:00
kerem commented 2026-02-27 14:58:05 +03:00
Author
Owner
Copy link

@jc21 commented on GitHub (Sep 1, 2021):

Feel free to create a PR to install your required version here.

<!-- gh-comment-id:909865698 --> @jc21 commented on GitHub (Sep 1, 2021): Feel free to create a PR to install your required version [here](https://github.com/NginxProxyManager/docker-nginx-full/blob/master/docker/Dockerfile#L94).
kerem commented 2026-02-27 14:58:05 +03:00
Author
Owner
Copy link

@mgutt commented on GitHub (Sep 1, 2021):

Feel free to create a PR

It's not possible to install 1.1.1l in Debian Buster. But the issue is solved as it already contains the fixed version "1.1.1d-0+deb10u7".

<!-- gh-comment-id:909938827 --> @mgutt commented on GitHub (Sep 1, 2021): >Feel free to create a PR It's not possible to install 1.1.1l in Debian Buster. But the issue is solved as it already contains the fixed version "1.1.1d-0+deb10u7".
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
http3
certbot4
brotli
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-nginx-full#2
No description provided.