SUSE alert SUSE-SU-2025:02733-1 (nginx)


From:
               OPENSUSE-SECURITY-UPDATES <null@suse.de>
To:
               security-announce@lists.opensuse.org
Subject:
               SUSE-SU-2025:02733-1: moderate: Security update for nginx
Date:
               Fri, 08 Aug 2025 12:30:40 -0000
Message-ID:
               <175465624070.615.4459904916562552717@smelt2.prg2.suse.org>
Archive-link:
               Article


# Security update for nginx

Announcement ID: SUSE-SU-2025:02733-1  
Release Date: 2025-08-08T08:04:13Z  
Rating: moderate  
References:

  * bsc#1246090

  
Affected Products:

  * openSUSE Leap 15.4

  
  
An update that has one security fix can now be installed.

## Description:

This update for nginx fixes the following issues:

Security hardening: \- Drop root priviledges while running logrotatei.
(bsc#1246090)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-2733=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * nginx-1.21.5-150400.3.9.1
    * nginx-debugsource-1.21.5-150400.3.9.1
    * nginx-debuginfo-1.21.5-150400.3.9.1
  * openSUSE Leap 15.4 (noarch)
    * nginx-source-1.21.5-150400.3.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1246090



Attachment: None (type=text/html)
(HTML attachment elided)

From:		OPENSUSE-SECURITY-UPDATES <null@suse.de>
To:		security-announce@lists.opensuse.org
Subject:		SUSE-SU-2025:02733-1: moderate: Security update for nginx
Date:		Fri, 08 Aug 2025 12:30:40 -0000
Message-ID:		<175465624070.615.4459904916562552717@smelt2.prg2.suse.org>
Archive-link:		Article