Nginx Vulnerability

We are running a pilot of Graylog appliance v2.2.3+7adc951. Our auditors have flagged nginx 1.9.14 as out of date. Is there any way to update the nginx version on a Graylog appliance?

No, that’s not possible.

You’ll have to set-up Graylog yourself, if you want to have full control over all components.
:arrow_right: http://docs.graylog.org/en/2.2/pages/installation.html

Out of interest, what’s the specific problem they’ve described?

They have not specified a specific vulnerability reference, nginx 1.9.14 was just flagged as being an out of date version. I have pushed back for an exact vulnerability reference.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.