Mercurial > hg > nginx
diff docs/xml/nginx/changes.xml @ 5447:7e9543faf5f0 stable-1.4 release-1.4.4
nginx-1.4.4-RELEASE
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 19 Nov 2013 15:25:24 +0400 |
| parents | 69ffaca77955 |
| children | 844b2af1d65c |
line wrap: on
line diff
--- a/docs/xml/nginx/changes.xml +++ b/docs/xml/nginx/changes.xml @@ -5,6 +5,26 @@ <change_log title="nginx"> +<changes ver="1.4.4" date="19.11.2013"> + +<change type="security"> +<para lang="ru"> +символ, следующий за незакодированным пробелом в строке запроса, +обрабатывался неправильно (CVE-2013-4547); +ошибка появилась в 0.8.41.<br/> +Спасибо Ivan Fratric из Google Security Team. +</para> +<para lang="en"> +a character following an unescaped space in a request line +was handled incorrectly (CVE-2013-4547); +the bug had appeared in 0.8.41.<br/> +Thanks to Ivan Fratric of the Google Security Team. +</para> +</change> + +</changes> + + <changes ver="1.4.3" date="08.10.2013"> <change type="bugfix">