Mercurial > hg > nginx-site
comparison xml/en/security_advisories.xml @ 0:61e04fc01027
Initial import of the nginx.org website.
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Thu, 11 Aug 2011 12:19:13 +0000 |
| parents | |
| children | 9d544687d02c |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:61e04fc01027 |
|---|---|
| 1 <!DOCTYPE digest SYSTEM "../../dtd/article.dtd"> | |
| 2 | |
| 3 <article title="nginx security advisories" | |
| 4 link="/en/security_advisories.html" | |
| 5 lang="en"> | |
| 6 | |
| 7 <section> | |
| 8 | |
| 9 <para> | |
| 10 <a href="http://sysoev.ru/pgp.txt">Igor Sysoev’s PGP public key</a>. | |
| 11 </para> | |
| 12 | |
| 13 <security> | |
| 14 | |
| 15 <item title="Vulnerabilities with invalid UTF-8 sequence on Windows" | |
| 16 severity="major" | |
| 17 cve="2010-2266" | |
| 18 good="0.8.41+, 0.7.67+" | |
| 19 vulnerable="nginx/Windows 0.7.52-0.8.40" /> | |
| 20 | |
| 21 <item title="Vulnerabilities with Windows file default stream" | |
| 22 severity="major" | |
| 23 cve="2010-2263" | |
| 24 good="0.8.40+, 0.7.66+" | |
| 25 vulnerable="nginx/Windows 0.7.52-0.8.39" /> | |
| 26 | |
| 27 <item title="Vulnerabilities with Windows 8.3 filename pseudonyms" | |
| 28 severity="major" | |
| 29 core="CORE-2010-0121" | |
| 30 href="http://www.coresecurity.com/content/filename-pseudonyms-vulnerabilities" | |
| 31 good="0.8.33+, 0.7.65+" | |
| 32 vulnerable="nginx/Windows 0.7.52-0.8.32" /> | |
| 33 | |
| 34 <item title="An error log data are not sanitized" | |
| 35 severity="none" | |
| 36 cve="2009-4487" | |
| 37 good="none" | |
| 38 vulnerable="all" /> | |
| 39 | |
| 40 <item title="The renegotiation vulnerability in SSL protocol" | |
| 41 severity="major" | |
| 42 cert="120541" | |
| 43 cve="2009-3555" | |
| 44 good="0.8.23+, 0.7.64+" | |
| 45 vulnerable="0.1.0-0.8.22" | |
| 46 patch="patch.cve-2009-3555.txt" /> | |
| 47 | |
| 48 <item title="Directory traversal vulnerability" | |
| 49 severity="minor" | |
| 50 cve="2009-3898" | |
| 51 good="0.8.17+, 0.7.63+" | |
| 52 vulnerable="0.1.0-0.8.16" /> | |
| 53 | |
| 54 <item title="Buffer underflow vulnerability" | |
| 55 severity="major" | |
| 56 cert="180065" | |
| 57 cve="2009-2629" | |
| 58 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" | |
| 59 vulnerable="0.1.0-0.8.14" | |
| 60 patch="patch.180065.txt" /> | |
| 61 | |
| 62 <item title="Null pointer dereference vulnerability" | |
| 63 severity="major" | |
| 64 cve="2009-3896" | |
| 65 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" | |
| 66 vulnerable="0.1.0-0.8.13" | |
| 67 patch="patch.null.pointer.txt" /> | |
| 68 | |
| 69 </security> | |
| 70 | |
| 71 </section> | |
| 72 | |
| 73 </article> |