Mercurial > hg > nginx-vendor-1-0
comparison CHANGES @ 650:f0a8697979af NGINX_1_0_15
nginx 1.0.15
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
*) Bugfix: in the ngx_http_mp4_module.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Thu, 12 Apr 2012 00:00:00 +0400 |
parents | fa9b9e42035e |
children |
comparison
equal
deleted
inserted
replaced
649:1d01063ff106 | 650:f0a8697979af |
---|---|
1 | |
2 Changes with nginx 1.0.15 12 Apr 2012 | |
3 | |
4 *) Security: specially crafted mp4 file might allow to overwrite memory | |
5 locations in a worker process if the ngx_http_mp4_module was used, | |
6 potentially resulting in arbitrary code execution (CVE-2012-2089). | |
7 Thanks to Matthew Daley. | |
8 | |
9 *) Bugfix: in the ngx_http_mp4_module. | |
10 | |
1 | 11 |
2 Changes with nginx 1.0.14 15 Mar 2012 | 12 Changes with nginx 1.0.14 15 Mar 2012 |
3 | 13 |
4 *) Security: content of previously freed memory might be sent to a | 14 *) Security: content of previously freed memory might be sent to a |
5 client if backend returned specially crafted response. | 15 client if backend returned specially crafted response. |