1 ignored security issue in buster

package:
nginx
severity:
low
created:
2017-06-18
last updated:
2019-02-16

There is 1 open security issue in buster.
1 issue skipped by the security teams:
  • CVE-2013-0337: The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
Please fix it.