Mercurial > hg > nginx-site
comparison text/en/CHANGES-1.6 @ 1292:bb18e3bd3fb9
nginx-1.7.5, nginx-1.6.2
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 16 Sep 2014 17:20:27 +0400 |
| parents | f6d12250cda5 |
| children | 493fb0be4f58 |
comparison
equal
deleted
inserted
replaced
| 1291:d7740f42b00a | 1292:bb18e3bd3fb9 |
|---|---|
| 1 | |
| 2 Changes with nginx 1.6.2 16 Sep 2014 | |
| 3 | |
| 4 *) Security: it was possible to reuse SSL sessions in unrelated contexts | |
| 5 if a shared SSL session cache or the same TLS session ticket key was | |
| 6 used for multiple "server" blocks (CVE-2014-3616). | |
| 7 Thanks to Antoine Delignat-Lavaud. | |
| 8 | |
| 9 *) Bugfix: requests might hang if resolver was used and a DNS server | |
| 10 returned a malformed response; the bug had appeared in 1.5.8. | |
| 11 | |
| 12 *) Bugfix: requests might hang if resolver was used and a timeout | |
| 13 occurred during a DNS request. | |
| 14 | |
| 1 | 15 |
| 2 Changes with nginx 1.6.1 05 Aug 2014 | 16 Changes with nginx 1.6.1 05 Aug 2014 |
| 3 | 17 |
| 4 *) Security: pipelined commands were not discarded after STARTTLS | 18 *) Security: pipelined commands were not discarded after STARTTLS |
| 5 command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. | 19 command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. |