nginx-1.0.15

Maxim Dounin mdounin at mdounin.ru
Thu Apr 12 13:27:02 UTC 2012


Changes with nginx 1.0.15                                        12 Apr 2012

    *) Security: specially crafted mp4 file might allow to overwrite memory
       locations in a worker process if the ngx_http_mp4_module was used,
       potentially resulting in arbitrary code execution (CVE-2012-2089).
       Thanks to Matthew Daley.

    *) Bugfix: in the ngx_http_mp4_module.


Maxim Dounin



More information about the nginx mailing list