<div dir="ltr"><div>Hi folks,</div><div><br></div><div>Tengine-1.4.6 (development version) has been released.</div><div>You can either checkout the source code from github:</div><div><a href="https://github.com/alibaba/tengine">https://github.com/alibaba/tengine</a> or download the tar ball directly:</div>
<div><a href="http://tengine.taobao.org/download/tengine-1.4.6.tar.gz">http://tengine.taobao.org/download/tengine-1.4.6.tar.gz</a></div><div><br></div><div>We have merged the changes from nginx-1.2.9 which fixed the security</div>
<div>problem CVE-2013-2070. Contents of worker process memory might be</div><div>disclosed if HTTP backend server returned specially crafted response.</div><div>This could cause denial of service or a disclosure of memory.</div>
<div><br></div><div>If you are using Tengine-1.4.x and proxy_pass to untrusted upstream HTTP</div><div>servers, please upgrade to this version as soon as possible!</div><div><br></div><div>Regards,</div><div><br></div>-- <br>
Weibin Yao<br>Developer @ Server Platform Team of Taobao
</div>