mdounin at mdounin.ru
Thu Mar 15 13:01:36 UTC 2012
On Thu, Mar 15, 2012 at 01:52:26PM +0100, Antonio P.P. Almeida wrote:
> > Hello!
> Hello Maxim,
> > Matthew Daley recently discovered a security problem which may
> > lead to a disclosure of previously freed memory on specially
> > crafted response from an upstream server, potentially resulting in
> > sensitive information leak.
> > Patch for the problem can be found here:
> > http://nginx.org/download/patch.2012.memory.txt
> > The patch is not required for 1.1.17, 1.0.14.
> There's a CVE # for it? Someone asked me about it on twitter.
More information about the nginx