[nginx-announce] nginx-1.5.0

Maxim Dounin mdounin at mdounin.ru
Tue May 7 11:29:21 UTC 2013


Changes with nginx 1.5.0                                         07 May 2013

    *) Security: a stack-based buffer overflow might occur in a worker
       process while handling a specially crafted request, potentially
       resulting in arbitrary code execution (CVE-2013-2028); the bug had
       appeared in 1.3.9.
       Thanks to Greg MacManus, iSIGHT Partners Labs.


-- 
Maxim Dounin
http://nginx.org/en/donation.html



More information about the nginx-announce mailing list