Mercurial > hg > nginx-quic
comparison docs/xml/nginx/changes.xml @ 5607:97b47d95e444 release-1.5.12
nginx-1.5.12-RELEASE
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 18 Mar 2014 17:08:35 +0400 |
parents | f995a10d4c7e |
children | fd722b890eab |
comparison
equal
deleted
inserted
replaced
5606:6c7f9fd5fd7e | 5607:97b47d95e444 |
---|---|
1 <?xml version="1.0" ?> | 1 <?xml version="1.0" ?> |
2 <!DOCTYPE change_log SYSTEM "../../dtd/changes.dtd" > | 2 <!DOCTYPE change_log SYSTEM "../../dtd/changes.dtd" > |
3 | 3 |
4 | 4 |
5 <change_log title="nginx"> | 5 <change_log title="nginx"> |
6 | |
7 | |
8 <changes ver="1.5.12" date="18.03.2014"> | |
9 | |
10 <change type="security"> | |
11 <para lang="ru"> | |
12 при обработке специально созданного запроса модулем ngx_http_spdy_module | |
13 могло происходить переполнение буфера в рабочем процессе, | |
14 что потенциально могло приводить к выполнению произвольного кода | |
15 (CVE-2014-0133).<br/> | |
16 Спасибо Lucas Molas из Programa STIC, Fundación Dr. Manuel | |
17 Sadosky, Buenos Aires, Argentina. | |
18 </para> | |
19 <para lang="en"> | |
20 a heap memory buffer overflow might occur in a worker process | |
21 while handling a specially crafted request by ngx_http_spdy_module, | |
22 potentially resulting in arbitrary code execution | |
23 (CVE-2014-0133).<br/> | |
24 Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr. Manuel | |
25 Sadosky, Buenos Aires, Argentina. | |
26 </para> | |
27 </change> | |
28 | |
29 <change type="feature"> | |
30 <para lang="ru"> | |
31 параметр proxy_protocol в директивах listen и real_ip_header, | |
32 переменная $proxy_protocol_addr. | |
33 </para> | |
34 <para lang="en"> | |
35 the "proxy_protocol" parameters of the "listen" and "real_ip_header" directives, | |
36 the $proxy_protocol_addr variable. | |
37 </para> | |
38 </change> | |
39 | |
40 <change type="bugfix"> | |
41 <para lang="ru"> | |
42 в директиве fastcgi_next_upstream.<br/> | |
43 Спасибо Lucas Molas. | |
44 </para> | |
45 <para lang="en"> | |
46 in the "fastcgi_next_upstream" directive.<br/> | |
47 Thanks to Lucas Molas. | |
48 </para> | |
49 </change> | |
50 | |
51 </changes> | |
6 | 52 |
7 | 53 |
8 <changes ver="1.5.11" date="04.03.2014"> | 54 <changes ver="1.5.11" date="04.03.2014"> |
9 | 55 |
10 <change type="security"> | 56 <change type="security"> |