[nginx] nginx-1.2.9-RELEASE
Maxim Dounin
mdounin at mdounin.ru
Mon May 13 11:29:06 UTC 2013
details: http://hg.nginx.com/nginx/rev/0e80c5bf5e1b
branches: stable-1.2
changeset: 5207:0e80c5bf5e1b
user: Maxim Dounin <mdounin at mdounin.ru>
date: Mon May 13 14:41:51 2013 +0400
description:
nginx-1.2.9-RELEASE
diffstat:
docs/xml/nginx/changes.xml | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diffs (28 lines):
diff --git a/docs/xml/nginx/changes.xml b/docs/xml/nginx/changes.xml
--- a/docs/xml/nginx/changes.xml
+++ b/docs/xml/nginx/changes.xml
@@ -5,6 +5,24 @@
<change_log title="nginx">
+<changes ver="1.2.9" date="13.05.2013">
+
+<change type="security">
+<para lang="ru">
+содержимое памяти рабочего процесса могло быть отправлено клиенту,
+если HTTP-бэкенд возвращал специально созданный ответ (CVE-2013-2070);
+ошибка появилась в 1.1.4.
+</para>
+<para lang="en">
+contents of worker process memory might be sent to a client
+if HTTP backend returned specially crafted response (CVE-2013-2070);
+the bug had appeared in 1.1.4.
+</para>
+</change>
+
+</changes>
+
+
<changes ver="1.2.8" date="02.04.2013">
<change type="bugfix">
More information about the nginx-devel
mailing list