> Hello!
Hello Maxim,
> Matthew Daley recently discovered a security problem which may
> lead to a disclosure of previously freed memory on specially
> crafted response from an upstream server, potentially resulting in
> sensitive information leak.
>
> Patch for the problem can be found here:
>
> http://nginx.org/download/patch.2012.memory.txt
>
> The patch is not required for 1.1.17, 1.0.14.
There's a CVE # for it? Someone asked me about it on twitter.
Thanks,
--appa
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx