I’m currently managing a network environment where we utilize the Snap Store Proxy snap for caching Snap Store downloads. Recently, I became aware of the CVE-2021-23017 vulnerability affecting Nginx, which is bundled with the Snap Store Proxy snap.
As part of our security measures, I need to verify the status of the Nginx version included in the Snap Store Proxy snap. According to the information provided by Canonical, we are using version 2.28 of the Snap Store Proxy snap. However, I couldn’t find specific details about the version of Nginx bundled with it and whether it has been patched to address CVE-2021-23017.
Could someone provide information please about the version of Nginx included in the Snap Store Proxy snap version 2.28?
Additionally, I’m interested in knowing if this version of Nginx has been patched to mitigate the CVE-2021-23017 vulnerability.