Mercurial > hg > nginx-site
comparison xml/en/security_advisories.xml @ 1645:d4b29af80036
nginx-1.9.10, nginx-1.8.1
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 26 Jan 2016 18:30:39 +0300 |
| parents | bb18e3bd3fb9 |
| children | e85d7bd9345f |
comparison
equal
deleted
inserted
replaced
| 1644:52033e4b0063 | 1645:d4b29af80036 |
|---|---|
| 21 Patches are signed using one of the | 21 Patches are signed using one of the |
| 22 <link doc="pgp_keys.xml">PGP public keys</link>. | 22 <link doc="pgp_keys.xml">PGP public keys</link>. |
| 23 </para> | 23 </para> |
| 24 | 24 |
| 25 <security> | 25 <security> |
| 26 | |
| 27 <item name="Invalid pointer dereference in resolver" | |
| 28 severity="medium" | |
| 29 cve="2016-0742" | |
| 30 good="1.9.10+, 1.8.1+" | |
| 31 vulnerable="0.6.18-1.9.9" /> | |
| 32 | |
| 33 <item name="Use-after-free during CNAME response processing in resolver" | |
| 34 severity="medium" | |
| 35 cve="2016-0746" | |
| 36 good="1.9.10+, 1.8.1+" | |
| 37 vulnerable="0.6.18-1.9.9" /> | |
| 38 | |
| 39 <item name="Insufficient limits of CNAME resolution in resolver" | |
| 40 severity="medium" | |
| 41 cve="2016-0747" | |
| 42 good="1.9.10+, 1.8.1+" | |
| 43 vulnerable="0.6.18-1.9.9" /> | |
| 26 | 44 |
| 27 <item name="SSL session reuse vulnerability" | 45 <item name="SSL session reuse vulnerability" |
| 28 severity="medium" | 46 severity="medium" |
| 29 cve="2014-3616" | 47 cve="2014-3616" |
| 30 good="1.7.5+, 1.6.2+" | 48 good="1.7.5+, 1.6.2+" |