Mercurial > hg > nginx-site
comparison xml/en/security_advisories.xml @ 123:7db449e89e92
Unified the use of the "name" attribute instead of "title".
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Fri, 21 Oct 2011 06:17:16 +0000 |
parents | 9d544687d02c |
children | 47d8b82b0650 |
comparison
equal
deleted
inserted
replaced
122:871ea104fdbf | 123:7db449e89e92 |
---|---|
1 <!DOCTYPE article SYSTEM "../../dtd/article.dtd"> | 1 <!DOCTYPE article SYSTEM "../../dtd/article.dtd"> |
2 | 2 |
3 <article title="nginx security advisories" | 3 <article name="nginx security advisories" |
4 link="/en/security_advisories.html" | 4 link="/en/security_advisories.html" |
5 lang="en"> | 5 lang="en"> |
6 | 6 |
7 <section> | 7 <section> |
8 | 8 |
10 <a href="http://sysoev.ru/pgp.txt">Igor Sysoev’s PGP public key</a>. | 10 <a href="http://sysoev.ru/pgp.txt">Igor Sysoev’s PGP public key</a>. |
11 </para> | 11 </para> |
12 | 12 |
13 <security> | 13 <security> |
14 | 14 |
15 <item title="Vulnerabilities with invalid UTF-8 sequence on Windows" | 15 <item name="Vulnerabilities with invalid UTF-8 sequence on Windows" |
16 severity="major" | 16 severity="major" |
17 cve="2010-2266" | 17 cve="2010-2266" |
18 good="0.8.41+, 0.7.67+" | 18 good="0.8.41+, 0.7.67+" |
19 vulnerable="nginx/Windows 0.7.52-0.8.40" /> | 19 vulnerable="nginx/Windows 0.7.52-0.8.40" /> |
20 | 20 |
21 <item title="Vulnerabilities with Windows file default stream" | 21 <item name="Vulnerabilities with Windows file default stream" |
22 severity="major" | 22 severity="major" |
23 cve="2010-2263" | 23 cve="2010-2263" |
24 good="0.8.40+, 0.7.66+" | 24 good="0.8.40+, 0.7.66+" |
25 vulnerable="nginx/Windows 0.7.52-0.8.39" /> | 25 vulnerable="nginx/Windows 0.7.52-0.8.39" /> |
26 | 26 |
27 <item title="Vulnerabilities with Windows 8.3 filename pseudonyms" | 27 <item name="Vulnerabilities with Windows 8.3 filename pseudonyms" |
28 severity="major" | 28 severity="major" |
29 core="CORE-2010-0121" | 29 core="CORE-2010-0121" |
30 href="http://www.coresecurity.com/content/filename-pseudonyms-vulnerabilities" | 30 href="http://www.coresecurity.com/content/filename-pseudonyms-vulnerabilities" |
31 good="0.8.33+, 0.7.65+" | 31 good="0.8.33+, 0.7.65+" |
32 vulnerable="nginx/Windows 0.7.52-0.8.32" /> | 32 vulnerable="nginx/Windows 0.7.52-0.8.32" /> |
33 | 33 |
34 <item title="An error log data are not sanitized" | 34 <item name="An error log data are not sanitized" |
35 severity="none" | 35 severity="none" |
36 cve="2009-4487" | 36 cve="2009-4487" |
37 good="none" | 37 good="none" |
38 vulnerable="all" /> | 38 vulnerable="all" /> |
39 | 39 |
40 <item title="The renegotiation vulnerability in SSL protocol" | 40 <item name="The renegotiation vulnerability in SSL protocol" |
41 severity="major" | 41 severity="major" |
42 cert="120541" | 42 cert="120541" |
43 cve="2009-3555" | 43 cve="2009-3555" |
44 good="0.8.23+, 0.7.64+" | 44 good="0.8.23+, 0.7.64+" |
45 vulnerable="0.1.0-0.8.22" | 45 vulnerable="0.1.0-0.8.22" |
46 patch="patch.cve-2009-3555.txt" /> | 46 patch="patch.cve-2009-3555.txt" /> |
47 | 47 |
48 <item title="Directory traversal vulnerability" | 48 <item name="Directory traversal vulnerability" |
49 severity="minor" | 49 severity="minor" |
50 cve="2009-3898" | 50 cve="2009-3898" |
51 good="0.8.17+, 0.7.63+" | 51 good="0.8.17+, 0.7.63+" |
52 vulnerable="0.1.0-0.8.16" /> | 52 vulnerable="0.1.0-0.8.16" /> |
53 | 53 |
54 <item title="Buffer underflow vulnerability" | 54 <item name="Buffer underflow vulnerability" |
55 severity="major" | 55 severity="major" |
56 cert="180065" | 56 cert="180065" |
57 cve="2009-2629" | 57 cve="2009-2629" |
58 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" | 58 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" |
59 vulnerable="0.1.0-0.8.14" | 59 vulnerable="0.1.0-0.8.14" |
60 patch="patch.180065.txt" /> | 60 patch="patch.180065.txt" /> |
61 | 61 |
62 <item title="Null pointer dereference vulnerability" | 62 <item name="Null pointer dereference vulnerability" |
63 severity="major" | 63 severity="major" |
64 cve="2009-3896" | 64 cve="2009-3896" |
65 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" | 65 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" |
66 vulnerable="0.1.0-0.8.13" | 66 vulnerable="0.1.0-0.8.13" |
67 patch="patch.null.pointer.txt" /> | 67 patch="patch.null.pointer.txt" /> |