Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 1292:bb18e3bd3fb9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.7.5, nginx-1.6.2
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 16 Sep 2014 17:20:27 +0400
parents ba6da8f0ecd2
children d4b29af80036
comparison
equal deleted inserted replaced
1291:d7740f42b00a 1292:bb18e3bd3fb9
21 Patches are signed using one of the 21 Patches are signed using one of the
22 <link doc="pgp_keys.xml">PGP public keys</link>. 22 <link doc="pgp_keys.xml">PGP public keys</link>.
23 </para> 23 </para>
24 24
25 <security> 25 <security>
26
27 <item name="SSL session reuse vulnerability"
28 severity="medium"
29 cve="2014-3616"
30 good="1.7.5+, 1.6.2+"
31 vulnerable="0.5.6-1.7.4">
32 </item>
26 33
27 <item name="STARTTLS command injection" 34 <item name="STARTTLS command injection"
28 severity="medium" 35 severity="medium"
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html" 36 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html"
30 cve="2014-3556" 37 cve="2014-3556"