I just saw something strange on http://nginx.org/en/security_advisories.html
:
"An error log data are not sanitized
Severity: none
CVE-2009-4487 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4487
Not vulnerable: none
Vulnerable: all"
Severity is labelled as 'None', though the CVE talks, among other stuff,
about 'arbitrary commands and file write'.
Is your advisories page wrong? Is the CVE wrong? Has this been solved?
---
*B. R.*
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx