Hello!
Matthew Daley recently discovered a security problem which may
lead to a disclosure of previously freed memory on specially
crafted response from an upstream server, potentially resulting in
sensitive information leak.
Patch for the problem can be found here:
http://nginx.org/download/patch.2012.memory.txt
The patch is not required for 1.1.17, 1.0.14.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce