[Nfd-dev] NDN Testbed nginx mystery

Dehart, John jdd at wustl.edu
Wed Sep 11 13:45:47 PDT 2019 

Hmm. OK. Well, I had at least one site saying that their network admins would have to block the Testbed node if
nginx was not upgraded. Here is what they sent me.






> On Sep 11, 2019, at 2:42 PM, Junxiao Shi <shijunxiao at email.arizona.edu> wrote:
> 
> Hi John
> 
> There's no "security hole" in Ubuntu 16.04's nginx, as long as you regularly update all system packages via `sudo apt full-upgrade`.
> Canonical Inc backports security patches for recent vulnerabilities. You can see them here:
> http://changelogs.ubuntu.com/changelogs/pool/main/n/nginx/nginx_1.10.3-0ubuntu0.16.04.4/changelog <http://changelogs.ubuntu.com/changelogs/pool/main/n/nginx/nginx_1.10.3-0ubuntu0.16.04.4/changelog>
> 
> To minimize problems, do not upgrade between Ubuntu package source and nginx package server https://nginx.org/en/linux_packages.html#Ubuntu <https://nginx.org/en/linux_packages.html#Ubuntu>
> Instead, delete the old packages with `sudo apt purge nginx`, and then install new packages normally.
> 
> Yours, Junxiao
> 
> On Tue, Sep 10, 2019 at 11:53 AM Dehart, John <jdd at wustl.edu <mailto:jdd at wustl.edu>> wrote:
> 
> All:
> 
> I recently had some requests to upgrade the version of nginx because of some security holes in the
> version we had been running. I updated the configuration to use nginx version 1.17.3.
> But, now I have a problem with that version. On several nodes, the configuration directory for nginx, /etc/nginx,
> disappears.  I’m trying to track down what might be happening, but if anyone has seen this kind of
> thing before let me know.
> 
> Thanks,
> John
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20190911/0c025590/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 78380 bytes
Desc: not available
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20190911/0c025590/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20190911/0c025590/attachment-0001.sig>

More information about the Nfd-dev mailing list