Mercurial > hg > nginx-site
comparison text/en/CHANGES-1.6 @ 1292:bb18e3bd3fb9
nginx-1.7.5, nginx-1.6.2
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 16 Sep 2014 17:20:27 +0400 |
parents | f6d12250cda5 |
children | 493fb0be4f58 |
comparison
equal
deleted
inserted
replaced
1291:d7740f42b00a | 1292:bb18e3bd3fb9 |
---|---|
1 | |
2 Changes with nginx 1.6.2 16 Sep 2014 | |
3 | |
4 *) Security: it was possible to reuse SSL sessions in unrelated contexts | |
5 if a shared SSL session cache or the same TLS session ticket key was | |
6 used for multiple "server" blocks (CVE-2014-3616). | |
7 Thanks to Antoine Delignat-Lavaud. | |
8 | |
9 *) Bugfix: requests might hang if resolver was used and a DNS server | |
10 returned a malformed response; the bug had appeared in 1.5.8. | |
11 | |
12 *) Bugfix: requests might hang if resolver was used and a timeout | |
13 occurred during a DNS request. | |
14 | |
1 | 15 |
2 Changes with nginx 1.6.1 05 Aug 2014 | 16 Changes with nginx 1.6.1 05 Aug 2014 |
3 | 17 |
4 *) Security: pipelined commands were not discarded after STARTTLS | 18 *) Security: pipelined commands were not discarded after STARTTLS |
5 command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. | 19 command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. |