K 10
svn:author
V 6
joneum
K 8
svn:date
V 27
2020-02-09T11:16:40.944571Z
K 7
svn:log
V 464
Add patch for CVE-2019-20372

NGINX before 1.17.7, with certain error_page configurations,
allows HTTP request smuggling, as demonstrated by the ability
of an attacker to read unauthorized web pages in environments
where NGINX is being fronted by a load balancer.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372

PR:		243952
Reported by:	koobs and many more
MFH:		2020Q1
Security:	c1202de8-4b29-11ea-9673-4c72b94353b5
Sponsored by:	Netzkommune GmbH

END