Welcome! Log In Create A New Profile

Advanced

[nginx-announce] nginx-1.5.12

Posted by Maxim Dounin 
Forum List Message List New Topic
Maxim Dounin
[nginx-announce] nginx-1.5.12
March 18, 2014 12:46PM
Changes with nginx 1.5.12 18 Mar 2014

*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr.
Manuel Sadosky, Buenos Aires, Argentina.

*) Feature: the "proxy_protocol" parameters of the "listen" and
"real_ip_header" directives, the $proxy_protocol_addr variable.

*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.


--
Maxim Dounin
http://nginx.org/en/donation.html

_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
Reply Quote
Newer Topic Older Topic
Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 270
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready