security advisory
Maxim Dounin
mdounin at mdounin.ru
Thu Mar 15 13:01:36 UTC 2012
Hello!
On Thu, Mar 15, 2012 at 01:52:26PM +0100, Antonio P.P. Almeida wrote:
> > Hello!
>
> Hello Maxim,
>
> > Matthew Daley recently discovered a security problem which may
> > lead to a disclosure of previously freed memory on specially
> > crafted response from an upstream server, potentially resulting in
> > sensitive information leak.
> >
> > Patch for the problem can be found here:
> >
> > http://nginx.org/download/patch.2012.memory.txt
> >
> > The patch is not required for 1.1.17, 1.0.14.
>
> There's a CVE # for it? Someone asked me about it on twitter.
No.
Maxim Dounin
More information about the nginx
mailing list