Mercurial > hg > nginx-site
comparison xml/en/security_advisories.xml @ 0:61e04fc01027
Initial import of the nginx.org website.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Thu, 11 Aug 2011 12:19:13 +0000 |
parents | |
children | 9d544687d02c |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:61e04fc01027 |
---|---|
1 <!DOCTYPE digest SYSTEM "../../dtd/article.dtd"> | |
2 | |
3 <article title="nginx security advisories" | |
4 link="/en/security_advisories.html" | |
5 lang="en"> | |
6 | |
7 <section> | |
8 | |
9 <para> | |
10 <a href="http://sysoev.ru/pgp.txt">Igor Sysoev’s PGP public key</a>. | |
11 </para> | |
12 | |
13 <security> | |
14 | |
15 <item title="Vulnerabilities with invalid UTF-8 sequence on Windows" | |
16 severity="major" | |
17 cve="2010-2266" | |
18 good="0.8.41+, 0.7.67+" | |
19 vulnerable="nginx/Windows 0.7.52-0.8.40" /> | |
20 | |
21 <item title="Vulnerabilities with Windows file default stream" | |
22 severity="major" | |
23 cve="2010-2263" | |
24 good="0.8.40+, 0.7.66+" | |
25 vulnerable="nginx/Windows 0.7.52-0.8.39" /> | |
26 | |
27 <item title="Vulnerabilities with Windows 8.3 filename pseudonyms" | |
28 severity="major" | |
29 core="CORE-2010-0121" | |
30 href="http://www.coresecurity.com/content/filename-pseudonyms-vulnerabilities" | |
31 good="0.8.33+, 0.7.65+" | |
32 vulnerable="nginx/Windows 0.7.52-0.8.32" /> | |
33 | |
34 <item title="An error log data are not sanitized" | |
35 severity="none" | |
36 cve="2009-4487" | |
37 good="none" | |
38 vulnerable="all" /> | |
39 | |
40 <item title="The renegotiation vulnerability in SSL protocol" | |
41 severity="major" | |
42 cert="120541" | |
43 cve="2009-3555" | |
44 good="0.8.23+, 0.7.64+" | |
45 vulnerable="0.1.0-0.8.22" | |
46 patch="patch.cve-2009-3555.txt" /> | |
47 | |
48 <item title="Directory traversal vulnerability" | |
49 severity="minor" | |
50 cve="2009-3898" | |
51 good="0.8.17+, 0.7.63+" | |
52 vulnerable="0.1.0-0.8.16" /> | |
53 | |
54 <item title="Buffer underflow vulnerability" | |
55 severity="major" | |
56 cert="180065" | |
57 cve="2009-2629" | |
58 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" | |
59 vulnerable="0.1.0-0.8.14" | |
60 patch="patch.180065.txt" /> | |
61 | |
62 <item title="Null pointer dereference vulnerability" | |
63 severity="major" | |
64 cve="2009-3896" | |
65 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" | |
66 vulnerable="0.1.0-0.8.13" | |
67 patch="patch.null.pointer.txt" /> | |
68 | |
69 </security> | |
70 | |
71 </section> | |
72 | |
73 </article> |