Mercurial > hg > nginx-site

diff xml/en/security_advisories.xml @ 1264:f6d12250cda5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.7.4, nginx-1.6.1
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 05 Aug 2014 16:55:14 +0400
parents 287c2a9c9d63
children ba6da8f0ecd2
line wrap: on
line diff
--- a/xml/en/security_advisories.xml	Mon Aug 04 10:52:00 2014 +0400
+++ b/xml/en/security_advisories.xml	Tue Aug 05 16:55:14 2014 +0400
@@ -24,6 +24,14 @@
 
 <security>
 
+<item name="STARTTLS command injection"
+      severity="medium"
+      cve="2014-3556"
+      good="1.7.4+, 1.6.1+"
+      vulnerable="1.5.6-1.7.3">
+<patch name="patch.2014.starttls.txt" />
+</item>
+
 <item name="SPDY heap buffer overflow"
       severity="major"
       advisory="http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html"