nginx version security issue -- can it be upgraded to 1.16.1

[Torawk]

Hello,

I'm using graphite along with Icinga and although not externally accessible, noticed this nginx vulnerability:

https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/

Checked the lastest from dockerhub for graphite-project/docker-graphite-statsd and noticed:

/ # nginx -v
nginx version: nginx/1.16.0

I did a bit of digging and alpine will install 1.16.1, which addresses the issue. So can we get a new build and image on dockerhub with this latest version?

[deniszh]

Not sure if relevant. But it's good to have anyway.

[deniszh]

Fixed in 1.1.5-13

[Torawk]

Thanks for the very fast response and resolution!