/[advisories]/10085.adv
ViewVC logotype

Annotation of /10085.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 3 - (hide annotations) (download)
Thu Jun 6 15:25:12 2013 UTC (8 years, 6 months ago) by boklm
File size: 798 byte(s)
Add advisory for bug 10085
1 boklm 3 ID: MGASA-2013-0160
2     pubtime: 1370521473
3     type: security
4     src:
5     3:
6     core:
7     - nginx-1.2.9-1.1.mga3
8     CVE:
9     - CVE-2013-2070
10     subject: Updated nginx package fixes security vulnerability
11     description: |
12     A security problem related to CVE-2013-2028 was identified, affecting some
13     previous nginx versions if proxy_pass to untrusted upstream HTTP servers is
14     used. The problem may lead to a denial of service or a disclosure of a
15     worker process memory on a specially crafted response from an upstream
16     proxied server (CVE-2013-2070).
17     references:
18     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070
19     - http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
20     - http://nginx.org/en/CHANGES-1.2
21     - http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html

  ViewVC Help
Powered by ViewVC 1.1.28