Mercurial > hg > nginx
comparison docs/xml/nginx/changes.xml @ 5612:636ce03634e7 stable-1.4 release-1.4.7
nginx-1.4.7-RELEASE
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 18 Mar 2014 17:17:09 +0400 |
parents | e201159f5d4e |
children |
comparison
equal
deleted
inserted
replaced
5611:e7f7d30196e3 | 5612:636ce03634e7 |
---|---|
1 <?xml version="1.0" ?> | 1 <?xml version="1.0" ?> |
2 <!DOCTYPE change_log SYSTEM "../../dtd/changes.dtd" > | 2 <!DOCTYPE change_log SYSTEM "../../dtd/changes.dtd" > |
3 | 3 |
4 | 4 |
5 <change_log title="nginx"> | 5 <change_log title="nginx"> |
6 | |
7 | |
8 <changes ver="1.4.7" date="18.03.2014"> | |
9 | |
10 <change type="security"> | |
11 <para lang="ru"> | |
12 при обработке специально созданного запроса модулем ngx_http_spdy_module | |
13 могло происходить переполнение буфера в рабочем процессе, | |
14 что потенциально могло приводить к выполнению произвольного кода | |
15 (CVE-2014-0133).<br/> | |
16 Спасибо Lucas Molas из Programa STIC, Fundación Dr. Manuel | |
17 Sadosky, Buenos Aires, Argentina. | |
18 </para> | |
19 <para lang="en"> | |
20 a heap memory buffer overflow might occur in a worker process | |
21 while handling a specially crafted request by ngx_http_spdy_module, | |
22 potentially resulting in arbitrary code execution | |
23 (CVE-2014-0133).<br/> | |
24 Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr. Manuel | |
25 Sadosky, Buenos Aires, Argentina. | |
26 </para> | |
27 </change> | |
28 | |
29 <change type="bugfix"> | |
30 <para lang="ru"> | |
31 в директиве fastcgi_next_upstream.<br/> | |
32 Спасибо Lucas Molas. | |
33 </para> | |
34 <para lang="en"> | |
35 in the "fastcgi_next_upstream" directive.<br/> | |
36 Thanks to Lucas Molas. | |
37 </para> | |
38 </change> | |
39 | |
40 </changes> | |
6 | 41 |
7 | 42 |
8 <changes ver="1.4.6" date="04.03.2014"> | 43 <changes ver="1.4.6" date="04.03.2014"> |
9 | 44 |
10 <change type="bugfix"> | 45 <change type="bugfix"> |