On Thu, 2010-08-12 at 17:10 +0200, Mesaya@gmx.de wrote:
> Are the vulnerabilities listed at http://nginx.org/en/security_advisories.html fixed in the recent debian lenny packet?
>
> # nginx -v
> nginx version: nginx/0.6.32
>
> I've installed nginx through apt-get install nginx, am I vunerable to any of those vulnerabilities?
The vulnerable versions are listed on the page you linked, so you seem
to have answered your own question.
In any case, 0.6.x is old and unsupported and 0.6.32 isn't even the
latest of the old, unsupported releases. You are certainly vulnerable
to any non-Windows-specific issues.
You should install at least 0.7.x.
Cliff
--
_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx