Skip to main content

Upgrading Nginx on Ubuntu to due vulnerabilities CVE-2024-32002, CVE-2024-32004 and CVE-2024-32465

The current Nginx version running is 1.18.0.  It seems like the Nginx version from the default Ubuntu repositories is still 1.18.0, which might not have the latest security patches. To resolve this, you can add the official Nginx repository to get the latest stable version.

 

1. Backup your current Nginx configuration

It's a good practice to back up your current Nginx configuration before making any changes:

Overcoming startup challenges with Apache Solr on Ubuntu 24.04

Recently, after upgrading to Ubuntu 24.04, we encountered a significant challenge with our Apache Solr service—it refused to restart. This post documents the steps I took to diagnose and resolve the issues, providing a clear guide for anyone facing similar troubles.

 

Initial troubleshooting

The journey began with a simple command to check the status of our Solr service:

How to empty a file on your server

Managing files on a server often includes tasks like clearing logs or resetting configuration files. If you need to empty a file without deleting it, there are several quick and efficient methods to achieve this.

Recently, during a review of log files, I noticed an unusually large file: access_ssl_log.processed, which was a substantial 8.77 GB. After reviewing and backing up the data, I needed to empty the file to free up space and maintain server performance.

Checking if a file exists using command line queries in Ubuntu with Nginx

On a server directory with over 100,000 PDF files, I needed to verify the existence of specific documents. Whether there are a few hundred or whatever the number of files, this article explores the practical use of command-line tools to quickly ascertain whether a file is present. In the area of server management or application development, especially on systems like Ubuntu equipped with Nginx, it's crucial to perform routine checks to ensure that all necessary files are in place.

Create a copy of files that go to the tmp directory

To review the content of files being generated in the /tmp directory on an Ubuntu server before Microsoft Defender removes them, you can use several approaches.  Following is the approach we took.

 

Real-Time Monitoring

You can set up a script to monitor the /tmp directory and log the contents of new files. Use inotifywait to watch for new files and then copy them to another directory for review.

Install inotify-tools:

Terminal command to find and replace

In many terminal text editors, you use find command as reference in Terminal commands - find.  How about find and replace.  This action depends on the specific text editor you're using in the terminal.  Here are a few common terminal text editors and how you can find and replace strings within them:

Vim

To find: Press / followed by the search term and then Enter.

Resolving CVE-2022-48624 less issue

To resolve the CVE-2022-48624 vulnerability on Ubuntu using Nginx, it's crucial to understand that the issue lies within the "less" package, not Nginx itself. The vulnerability affects "less" before version 606, where close_altfile in filename.c in less omits shell_quote calls for LESSCLOSE, potentially allowing shell command injection.

The current less version is 551, which is vulnerable. You'll need to upgrade "less" to a version at or beyond 606.

Subscribe to Ubuntu