Maxim Dounin mdounin at
Mon May 13 11:32:46 UTC 2013

Changes with nginx 1.2.9                                         13 May 2013

    *) Security: contents of worker process memory might be sent to a client
       if HTTP backend returned specially crafted response (CVE-2013-2070);
       the bug had appeared in 1.1.4.

Maxim Dounin

More information about the nginx mailing list