gahusb/web-page-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): nginx CVE-2026-42945 대응 — 패치 버전 고정

Browse Source 
미고정 nginx:alpine → nginx:1.30.1-alpine (NGINX Rift, ngx_http_rewrite_module
힙 오버플로우 CVSS 9.2, 1.30.1/1.31.0에서 수정). 현재 default.conf엔 rewrite
디렉티브가 없어 실 익스플로잇 경로는 미도달이나 defense-in-depth로 패치 stable 고정.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
gahusb
2026-06-01 17:33:13 +09:00
parent 5d9be51dba
commit 4e846a2d5f
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docker-compose.yml
View File

@@ -380,7 +380,9 @@ services:
retries: 3 retries: 3
frontend: frontend:
image: nginx:alpine # CVE-2026-42945 (NGINX Rift, ngx_http_rewrite_module heap overflow, CVSS 9.2)
# 대응: 미고정 nginx:alpine → 패치 stable 버전 고정 (fix in 1.30.1 / 1.31.0)
image: nginx:1.30.1-alpine
container_name: frontend container_name: frontend
restart: unless-stopped restart: unless-stopped
depends_on: depends_on: