Mercurial > hg > nginx-site
diff text/en/CHANGES-1.4 @ 1098:bc2a379c4cb6
nginx-1.5.12, nginx-1.4.7
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 18 Mar 2014 20:21:27 +0400 |
parents | fbb81cb6b012 |
children |
line wrap: on
line diff
--- a/text/en/CHANGES-1.4 Tue Mar 18 19:59:24 2014 +0400 +++ b/text/en/CHANGES-1.4 Tue Mar 18 20:21:27 2014 +0400 @@ -1,4 +1,17 @@ +Changes with nginx 1.4.7 18 Mar 2014 + + *) Security: a heap memory buffer overflow might occur in a worker + process while handling a specially crafted request by + ngx_http_spdy_module, potentially resulting in arbitrary code + execution (CVE-2014-0133). + Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr. + Manuel Sadosky, Buenos Aires, Argentina. + + *) Bugfix: in the "fastcgi_next_upstream" directive. + Thanks to Lucas Molas. + + Changes with nginx 1.4.6 04 Mar 2014 *) Bugfix: the "client_max_body_size" directive might not work when