Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 909:ef5485fb932d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
2012 security advisories added.
author Maxim Konovalov <maxim@nginx.com>
date Fri, 17 May 2013 09:50:46 +0000
parents ec5d7bb1d40c
children f7fe7da742c6
comparison
equal deleted inserted replaced
908:326355a6026e 909:ef5485fb932d
43 <patch name="patch.2013.chunked.txt" /> 43 <patch name="patch.2013.chunked.txt" />
44 </item> 44 </item>
45 45
46 <item name="Vulnerabilities with Windows directory aliases" 46 <item name="Vulnerabilities with Windows directory aliases"
47 severity="medium" 47 severity="medium"
48 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html"
48 cve="2011-4963" 49 cve="2011-4963"
49 good="1.3.1+, 1.2.1+" 50 good="1.3.1+, 1.2.1+"
50 vulnerable="nginx/Windows 0.7.52-1.3.0" /> 51 vulnerable="nginx/Windows 0.7.52-1.3.0" />
51 52
52 <item name="Buffer overflow in the ngx_http_mp4_module" 53 <item name="Buffer overflow in the ngx_http_mp4_module"
53 severity="major" 54 severity="major"
55 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html"
54 cve="2012-2089" 56 cve="2012-2089"
55 good="1.1.19+, 1.0.15+" 57 good="1.1.19+, 1.0.15+"
56 vulnerable="1.1.3-1.1.18, 1.0.7-1.0.14"> 58 vulnerable="1.1.3-1.1.18, 1.0.7-1.0.14">
57 <patch name="patch.2012.mp4.txt" /> 59 <patch name="patch.2012.mp4.txt" />
58 </item> 60 </item>
59 61
60 <item name="Memory disclosure with specially crafted backend responses" 62 <item name="Memory disclosure with specially crafted backend responses"
61 severity="major" 63 severity="major"
64 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html"
62 cve="2012-1180" 65 cve="2012-1180"
63 good="1.1.17+, 1.0.14+" 66 good="1.1.17+, 1.0.14+"
64 vulnerable="0.1.0-1.1.16"> 67 vulnerable="0.1.0-1.1.16">
65 <patch name="patch.2012.memory.txt" /> 68 <patch name="patch.2012.memory.txt" />
66 </item> 69 </item>