Mercurial > hg > nginx-site

comparison xml/en/security_advisories.xml @ 1012:f7fe7da742c6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.5.7, nginx-1.4.4
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 19 Nov 2013 18:57:50 +0400
parents ef5485fb932d
children 48fe3c9534bd
comparison
equal deleted inserted replaced
1011:2ad2f30efdf2 1012:f7fe7da742c6
21 Patches are signed using one of the 21 Patches are signed using one of the
22 <link doc="pgp_keys.xml">PGP public keys</link>. 22 <link doc="pgp_keys.xml">PGP public keys</link>.
23 </para> 23 </para>
24 24
25 <security> 25 <security>
26
27 <item name="Request line parsing vulnerability"
28 severity="medium"
29 cve="2013-4547"
30 good="1.5.7+, 1.4.4+"
31 vulnerable="0.8.41-1.5.16">
32 <patch name="patch.2013.space.txt" />
33 </item>
26 34
27 <item name="Memory disclosure with specially crafted HTTP backend responses" 35 <item name="Memory disclosure with specially crafted HTTP backend responses"
28 severity="medium" 36 severity="medium"
29 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html" 37 advisory="http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html"
30 cve="2013-2070" 38 cve="2013-2070"