CVE-2011-4968 Fix Included in Which Release?

Lukas Tribus luky-37 at hotmail.com
Mon Feb 2 18:23:24 UTC 2015


> Hello.
>
> I am well aware that CVE-2011-4968 had a fix included for it (based on
> http://trac.nginx.org/nginx/ticket/13 and
> http://trac.nginx.org/nginx/changeset/060c2e692b96a150b584b8e30d596be1f2defa9c/nginx)
> however I do not see an entry for it in the changelog.
>
> With what release/version did this get included in NGINX?

proxy_ssl_verify and proxy_ssl_verify_depth keywords are supported since
nginx 1.7.0 and appear in the changlog as:
"Feature: backend SSL certificate verification"

By adivsed that you need to configure this, it doesn't just work out of the
box.

Lukas


[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html&proxy_ssl_verify
[2] http://nginx.org/en/docs/http/ngx_http_proxy_module.html&proxy_ssl_verify_depth
[3] http://nginx.org/en/CHANGES

 		 	   		  


More information about the nginx-devel mailing list