Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 904:22bd9315e047

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.2.9
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 13 May 2013 15:23:37 +0400
parents 8f674c48b879
children ec5d7bb1d40c
comparison
equal deleted inserted replaced
903:8ceb504cdb99 904:22bd9315e047
21 Patches are signed using one of the 21 Patches are signed using one of the
22 <link doc="pgp_keys.xml">PGP public keys</link>. 22 <link doc="pgp_keys.xml">PGP public keys</link>.
23 </para> 23 </para>
24 24
25 <security> 25 <security>
26
27 <item name="Memory disclosure with specially crafted http backend responses"
28 severity="medium"
29 cve="2013-2070"
30 good="1.5.0+, 1.4.1+, 1.2.9+"
31 vulnerable="1.1.4-1.2.8, 1.3.9-1.4.0">
32 <patch name="patch.2013.chunked.txt" versions="1.3.9-1.4.0" />
33 <patch name="patch.2013.proxy.txt" versions="1.1.4-1.2.8" />
34 </item>
26 35
27 <item name="Stack-based buffer overflow with specially crafted request" 36 <item name="Stack-based buffer overflow with specially crafted request"
28 severity="major" 37 severity="major"
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html" 38 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html"
30 cve="2013-2028" 39 cve="2013-2028"