Mercurial > hg > nginx-site

diff xml/en/security_advisories.xml @ 1645:d4b29af80036

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.9.10, nginx-1.8.1
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 26 Jan 2016 18:30:39 +0300
parents bb18e3bd3fb9
children e85d7bd9345f
line wrap: on
line diff
--- a/xml/en/security_advisories.xml	Thu Jan 21 14:42:36 2016 +0300
+++ b/xml/en/security_advisories.xml	Tue Jan 26 18:30:39 2016 +0300
@@ -24,6 +24,24 @@
 
 <security>
 
+<item name="Invalid pointer dereference in resolver"
+      severity="medium"
+      cve="2016-0742"
+      good="1.9.10+, 1.8.1+"
+      vulnerable="0.6.18-1.9.9" />
+
+<item name="Use-after-free during CNAME response processing in resolver"
+      severity="medium"
+      cve="2016-0746"
+      good="1.9.10+, 1.8.1+"
+      vulnerable="0.6.18-1.9.9" />
+
+<item name="Insufficient limits of CNAME resolution in resolver"
+      severity="medium"
+      cve="2016-0747"
+      good="1.9.10+, 1.8.1+"
+      vulnerable="0.6.18-1.9.9" />
+
 <item name="SSL session reuse vulnerability"
       severity="medium"
       cve="2014-3616"