Mercurial > hg > nginx-site
comparison xml/en/security_advisories.xml @ 901:8f674c48b879
Security advisories: advisory link and several patches per advisory.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Wed, 08 May 2013 18:22:23 +0400 |
parents | 012feca3d85f |
children | 22bd9315e047 |
comparison
equal
deleted
inserted
replaced
900:da102c9c7e36 | 901:8f674c48b879 |
---|---|
24 | 24 |
25 <security> | 25 <security> |
26 | 26 |
27 <item name="Stack-based buffer overflow with specially crafted request" | 27 <item name="Stack-based buffer overflow with specially crafted request" |
28 severity="major" | 28 severity="major" |
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html" | |
29 cve="2013-2028" | 30 cve="2013-2028" |
30 good="1.5.0+, 1.4.1+" | 31 good="1.5.0+, 1.4.1+" |
31 vulnerable="1.3.9-1.4.0" | 32 vulnerable="1.3.9-1.4.0"> |
32 patch="patch.2013.chunked.txt" /> | 33 <patch name="patch.2013.chunked.txt" /> |
34 </item> | |
33 | 35 |
34 <item name="Vulnerabilities with Windows directory aliases" | 36 <item name="Vulnerabilities with Windows directory aliases" |
35 severity="medium" | 37 severity="medium" |
36 cve="2011-4963" | 38 cve="2011-4963" |
37 good="1.3.1+, 1.2.1+" | 39 good="1.3.1+, 1.2.1+" |
39 | 41 |
40 <item name="Buffer overflow in the ngx_http_mp4_module" | 42 <item name="Buffer overflow in the ngx_http_mp4_module" |
41 severity="major" | 43 severity="major" |
42 cve="2012-2089" | 44 cve="2012-2089" |
43 good="1.1.19+, 1.0.15+" | 45 good="1.1.19+, 1.0.15+" |
44 vulnerable="1.1.3-1.1.18, 1.0.7-1.0.14" | 46 vulnerable="1.1.3-1.1.18, 1.0.7-1.0.14"> |
45 patch="patch.2012.mp4.txt" /> | 47 <patch name="patch.2012.mp4.txt" /> |
48 </item> | |
46 | 49 |
47 <item name="Memory disclosure with specially crafted backend responses" | 50 <item name="Memory disclosure with specially crafted backend responses" |
48 severity="major" | 51 severity="major" |
49 cve="2012-1180" | 52 cve="2012-1180" |
50 good="1.1.17+, 1.0.14+" | 53 good="1.1.17+, 1.0.14+" |
51 vulnerable="0.1.0-1.1.16" | 54 vulnerable="0.1.0-1.1.16"> |
52 patch="patch.2012.memory.txt" /> | 55 <patch name="patch.2012.memory.txt" /> |
56 </item> | |
53 | 57 |
54 <item name="Buffer overflow in resolver" | 58 <item name="Buffer overflow in resolver" |
55 severity="medium" | 59 severity="medium" |
56 cve="2011-4315" | 60 cve="2011-4315" |
57 good="1.1.8+, 1.0.10+" | 61 good="1.1.8+, 1.0.10+" |
85 <item name="The renegotiation vulnerability in SSL protocol" | 89 <item name="The renegotiation vulnerability in SSL protocol" |
86 severity="major" | 90 severity="major" |
87 cert="120541" | 91 cert="120541" |
88 cve="2009-3555" | 92 cve="2009-3555" |
89 good="0.8.23+, 0.7.64+" | 93 good="0.8.23+, 0.7.64+" |
90 vulnerable="0.1.0-0.8.22" | 94 vulnerable="0.1.0-0.8.22"> |
91 patch="patch.cve-2009-3555.txt" /> | 95 <patch name="patch.cve-2009-3555.txt" /> |
96 </item> | |
92 | 97 |
93 <item name="Directory traversal vulnerability" | 98 <item name="Directory traversal vulnerability" |
94 severity="minor" | 99 severity="minor" |
95 cve="2009-3898" | 100 cve="2009-3898" |
96 good="0.8.17+, 0.7.63+" | 101 good="0.8.17+, 0.7.63+" |
99 <item name="Buffer underflow vulnerability" | 104 <item name="Buffer underflow vulnerability" |
100 severity="major" | 105 severity="major" |
101 cert="180065" | 106 cert="180065" |
102 cve="2009-2629" | 107 cve="2009-2629" |
103 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" | 108 good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" |
104 vulnerable="0.1.0-0.8.14" | 109 vulnerable="0.1.0-0.8.14"> |
105 patch="patch.180065.txt" /> | 110 <patch name="patch.180065.txt" /> |
111 </item> | |
106 | 112 |
107 <item name="Null pointer dereference vulnerability" | 113 <item name="Null pointer dereference vulnerability" |
108 severity="major" | 114 severity="major" |
109 cve="2009-3896" | 115 cve="2009-3896" |
110 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" | 116 good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+" |
111 vulnerable="0.1.0-0.8.13" | 117 vulnerable="0.1.0-0.8.13"> |
112 patch="patch.null.pointer.txt" /> | 118 <patch name="patch.null.pointer.txt" /> |
119 </item> | |
113 | 120 |
114 </security> | 121 </security> |
115 | 122 |
116 </section> | 123 </section> |
117 | 124 |