CVE-2011-4968 Fix Included in Which Release?

Lukas Tribus luky-37 at
Mon Feb 2 18:23:24 UTC 2015

> Hello.
> I am well aware that CVE-2011-4968 had a fix included for it (based on
> and
> however I do not see an entry for it in the changelog.
> With what release/version did this get included in NGINX?

proxy_ssl_verify and proxy_ssl_verify_depth keywords are supported since
nginx 1.7.0 and appear in the changlog as:
"Feature: backend SSL certificate verification"

By adivsed that you need to configure this, it doesn't just work out of the




More information about the nginx-devel mailing list