[nginx-announce] nginx-1.4.1

Maxim Dounin mdounin at mdounin.ru
Tue May 7 11:29:53 UTC 2013


Changes with nginx 1.4.1                                         07 May 2013

    *) Security: a stack-based buffer overflow might occur in a worker
       process while handling a specially crafted request, potentially
       resulting in arbitrary code execution (CVE-2013-2028); the bug had
       appeared in 1.3.9.
       Thanks to Greg MacManus, iSIGHT Partners Labs.


-- 
Maxim Dounin
http://nginx.org/en/donation.html



More information about the nginx-announce mailing list