[SAC] [abuse #31856] CISA Security issues with OSGEO hosts
Lance Albertson via RT
abuse at osuosl.org
Mon Oct 18 13:10:40 PDT 2021
On Tue Oct 12 09:34:28 2021, lr at pcorp.us wrote:
> > Looks like the TLS issue has been resolved. Here's the report from last week
> > (I'm still waiting for the one for this week). Can you please verify that
> > the version of nginx you have installed on your Ubuntu machines is at least
> > or newer than the version described here [1]?
> >
> > [1] https://ubuntu.com/security/CVE-2019-20372
> >
> [Regina Obe]
> Looks like they are lower. I'll try to upgrade them this coming week.
Looks like it resolved some of them but we have a new CVE [1] that needs
addressed. I've attached the report so you can see all of the issues. It also
seems you might be using the expired LetsEncrypt CA in some places.
[1] https://ubuntu.com/security/CVE-2021-23017
--
Lance Albertson
Director
Oregon State University | Open Source Lab
-------------- next part --------------
A non-text attachment was scrubbed...
Name: osgeo-2021-10-18.csv
Type: text/csv
Size: 25258 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/sac/attachments/20211018/880cec41/attachment.csv>
More information about the Sac
mailing list