UbuntuUpdates.org

Package "nginx"

Name: nginx

Description:

small, but very powerful and efficient web server and mail proxy
Latest version: 1.1.19-1ubuntu0.7
Release: precise (12.04)
Level: security
Repository: universe
Homepage: http://nginx.net

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "nginx"

All arch deb package
APT INSTALL

Other versions of "nginx" in Precise

Repository Area Version
base universe 1.1.19-1
updates universe 1.1.19-1ubuntu0.8
PPA: Nginx 1.10.1-3+precise3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.1.19-1ubuntu0.7 2015-01-06 19:21:04 UTC

  nginx (1.1.19-1ubuntu0.7) precise-security; urgency=medium

  * SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
    - debian/patches/CVE-2014-3616.patch: Use a random value for session id
      context, since there is no support for shared TLS Session Tickets in
      this version in src/event/ngx_event_openssl.c.
    - CVE-2014-3616
 -- Lev Lazinskiy <email address hidden> Fri, 05 Dec 2014 22:25:50 -0500
Source diff to previous version
1370478 [CVE-2014-3616] \
CVE-2014-3616 reuse cached SSL sessions in unrelated contexts

Version: 1.1.19-1ubuntu0.5 2013-11-22 05:06:19 UTC

  nginx (1.1.19-1ubuntu0.5) precise-security; urgency=low

  * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
    - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
      to account for a space character, fixing an issue which could result in
      security restrictions being bypassed
    - CVE-2013-4547
 -- Thomas Ward <email address hidden> Thu, 21 Nov 2013 13:02:22 -0500
Source diff to previous version
1253691 Specially crafted request URI permits security restriction bypass [CVE-2013-4547]
CVE-2013-4547 security restrictions bypass

Version: 1.1.19-1ubuntu0.2 2013-05-29 01:07:11 UTC

  nginx (1.1.19-1ubuntu0.2) precise-security; urgency=low

  * Security update (closes LP: #1182586):
    * Patch to fix a buffer overflow vulnerability (CVE-2013-2070)
 -- Thomas Ward <email address hidden> Fri, 24 May 2013 12:21:02 -0400
1182586 CVE-2013-2070: nginx proxy_pass buffer overflow vulnerability
CVE-2013-2070 nginx proxy_pass buffer overflow


About   -   Send Feedback to @ubuntu_updates