From: Maxim Dounin <mdounin@mdounin.ru>
Date: Tue, 25 May 2021 12:35:38 +0000 (+0300)
Subject: nginx-1.20.1-RELEASE
X-Git-Tag: release-1.20.1
X-Git-Url: http://www.kaiwu.me/postgresql/commit/static/gitweb.js?a=commitdiff_plain;h=98a892514206ee63d418d9f355c92b6d4ce6113a;p=nginx.git

nginx-1.20.1-RELEASE
---

diff --git a/docs/xml/nginx/changes.xml b/docs/xml/nginx/changes.xml
index a65987666..fa276d753 100644
--- a/docs/xml/nginx/changes.xml
+++ b/docs/xml/nginx/changes.xml
@@ -5,6 +5,32 @@
 <change_log title="nginx">
 
 
+<changes ver="1.20.1" date="2021-05-25">
+
+<change type="security">
+<para lang="ru">
+Ð¿ÑÐ¸ Ð¸ÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°Ð½Ð¸Ð¸ Ð´Ð¸ÑÐµÐºÑÐ¸Ð²Ñ resolver
+Ð²Ð¾ Ð²ÑÐµÐ¼Ñ Ð¾Ð±ÑÐ°Ð±Ð¾ÑÐºÐ¸ Ð¾ÑÐ²ÐµÑÐ° DNS-ÑÐµÑÐ²ÐµÑÐ°
+Ð¼Ð¾Ð³Ð»Ð° Ð¿ÑÐ¾Ð¸ÑÑÐ¾Ð´Ð¸ÑÑ Ð¿ÐµÑÐµÐ·Ð°Ð¿Ð¸ÑÑ Ð¾Ð´Ð½Ð¾Ð³Ð¾ Ð±Ð°Ð¹ÑÐ° Ð¿Ð°Ð¼ÑÑÐ¸,
+ÑÑÐ¾ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐ»Ð¾ Ð°ÑÐ°ÐºÑÑÑÐµÐ¼Ñ,
+Ð¸Ð¼ÐµÑÑÐµÐ¼Ñ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑÑ Ð¿Ð¾Ð´Ð´ÐµÐ»ÑÐ²Ð°ÑÑ UDP-Ð¿Ð°ÐºÐµÑÑ Ð¾Ñ DNS-ÑÐµÑÐ²ÐµÑÐ°,
+Ð²ÑÐ·Ð²Ð°ÑÑ Ð¿Ð°Ð´ÐµÐ½Ð¸Ðµ ÑÐ°Ð±Ð¾ÑÐµÐ³Ð¾ Ð¿ÑÐ¾ÑÐµÑÑÐ°
+Ð¸Ð»Ð¸, Ð¿Ð¾ÑÐµÐ½ÑÐ¸Ð°Ð»ÑÐ½Ð¾, Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ðµ Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½Ð¾Ð³Ð¾ ÐºÐ¾Ð´Ð° (CVE-2021-23017).
+</para>
+<para lang="en">
+1-byte memory overwrite might occur
+during DNS server response processing
+if the "resolver" directive was used,
+allowing an attacker
+who is able to forge UDP packets from the DNS server
+to cause worker process crash
+or, potentially, arbitrary code execution (CVE-2021-23017).
+</para>
+</change>
+
+</changes>
+
+
 <changes ver="1.20.0" date="2021-04-20">
 
 <change>
