Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 1264:f6d12250cda5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.7.4, nginx-1.6.1
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 05 Aug 2014 16:55:14 +0400
parents 287c2a9c9d63
children ba6da8f0ecd2
comparison
equal deleted inserted replaced
1263:fb94d6f98b03 1264:f6d12250cda5
21 Patches are signed using one of the 21 Patches are signed using one of the
22 <link doc="pgp_keys.xml">PGP public keys</link>. 22 <link doc="pgp_keys.xml">PGP public keys</link>.
23 </para> 23 </para>
24 24
25 <security> 25 <security>
26
27 <item name="STARTTLS command injection"
28 severity="medium"
29 cve="2014-3556"
30 good="1.7.4+, 1.6.1+"
31 vulnerable="1.5.6-1.7.3">
32 <patch name="patch.2014.starttls.txt" />
33 </item>
26 34
27 <item name="SPDY heap buffer overflow" 35 <item name="SPDY heap buffer overflow"
28 severity="major" 36 severity="major"
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html" 37 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html"
30 cve="2014-0133" 38 cve="2014-0133"