Mercurial > hg > nginx-site
annotate xml/en/security_advisories.xml @ 246:6bfacf7124c6
Minor tweaks.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Fri, 16 Dec 2011 16:09:35 +0000 |
parents | 47d8b82b0650 |
children | 6f411297069c |
rev | line source |
---|---|
50 | 1 <!DOCTYPE article SYSTEM "../../dtd/article.dtd"> |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
2 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
3 <article name="nginx security advisories" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
4 link="/en/security_advisories.html" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
5 lang="en"> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
6 |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
7 <section> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
8 |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
9 <para> |
209
47d8b82b0650
Added link to my PGP key.
Maxim Dounin <mdounin@mdounin.ru>
parents:
123
diff
changeset
|
10 <a href="http://sysoev.ru/pgp.txt">Igor Sysoev’s PGP public key</a>.<br/> |
47d8b82b0650
Added link to my PGP key.
Maxim Dounin <mdounin@mdounin.ru>
parents:
123
diff
changeset
|
11 <a href="http://mdounin.ru/files/pgp.txt">Maxim Dounin’s PGP public key</a>. |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
12 </para> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
13 |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
14 <security> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
15 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
16 <item name="Vulnerabilities with invalid UTF-8 sequence on Windows" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
17 severity="major" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
18 cve="2010-2266" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
19 good="0.8.41+, 0.7.67+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
20 vulnerable="nginx/Windows 0.7.52-0.8.40" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
21 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
22 <item name="Vulnerabilities with Windows file default stream" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
23 severity="major" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
24 cve="2010-2263" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
25 good="0.8.40+, 0.7.66+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
26 vulnerable="nginx/Windows 0.7.52-0.8.39" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
27 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
28 <item name="Vulnerabilities with Windows 8.3 filename pseudonyms" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
29 severity="major" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
30 core="CORE-2010-0121" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
31 href="http://www.coresecurity.com/content/filename-pseudonyms-vulnerabilities" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
32 good="0.8.33+, 0.7.65+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
33 vulnerable="nginx/Windows 0.7.52-0.8.32" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
34 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
35 <item name="An error log data are not sanitized" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
36 severity="none" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
37 cve="2009-4487" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
38 good="none" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
39 vulnerable="all" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
40 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
41 <item name="The renegotiation vulnerability in SSL protocol" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
42 severity="major" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
43 cert="120541" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
44 cve="2009-3555" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
45 good="0.8.23+, 0.7.64+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
46 vulnerable="0.1.0-0.8.22" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
47 patch="patch.cve-2009-3555.txt" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
48 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
49 <item name="Directory traversal vulnerability" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
50 severity="minor" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
51 cve="2009-3898" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
52 good="0.8.17+, 0.7.63+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
53 vulnerable="0.1.0-0.8.16" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
54 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
55 <item name="Buffer underflow vulnerability" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
56 severity="major" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
57 cert="180065" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
58 cve="2009-2629" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
59 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
60 vulnerable="0.1.0-0.8.14" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
61 patch="patch.180065.txt" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
62 |
123
7db449e89e92
Unified the use of the "name" attribute instead of "title".
Ruslan Ermilov <ru@nginx.com>
parents:
50
diff
changeset
|
63 <item name="Null pointer dereference vulnerability" |
0
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
64 severity="major" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
65 cve="2009-3896" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
66 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
67 vulnerable="0.1.0-0.8.13" |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
68 patch="patch.null.pointer.txt" /> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
69 |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
70 </security> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
71 |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
72 </section> |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
73 |
61e04fc01027
Initial import of the nginx.org website.
Ruslan Ermilov <ru@nginx.com>
parents:
diff
changeset
|
74 </article> |