Nginx Debian vulnerabilities
khatfield at serverorigin.com
khatfield at serverorigin.com
Thu Aug 12 22:33:42 MSD 2010
That's a fairly old package and likely is still vulnerable. Igor or another developer would be best to say whether the Debian team integrates patches into their packages. (Igor is on vacation) However, personally, I would download the source for the newest legacy version (if that's what you want) and compile it yourself.
There are detailed instructions in the wiki for installation manually.
Prior to doing that, simply use:
apt-get remove nginx
In either case, vulnerable or not, there were quite a few fixes between .2 and .9. You would benefit from the most updated branch of your choosing.
-Kevin
------Original Message------
From: Mesaya at gmx.de
Sender: nginx-bounces at nginx.org
To: nginx at nginx.org
ReplyTo: nginx at nginx.org
Subject: Nginx Debian vulnerabilities
Sent: Aug 12, 2010 10:10 AM
Are the vulnerabilities listed at http://nginx.org/en/security_advisories.html fixed in the recent debian lenny packet?
# nginx -v
nginx version: nginx/0.6.32
I've installed nginx through apt-get install nginx, am I vunerable to any of those vulnerabilities?
--
GMX DSL SOMMER-SPECIAL: Surf & Phone Flat 16.000 für nur 19,99 ¿/mtl.!*
http://portal.gmx.net/de/go/dsl
_______________________________________________
nginx mailing list
nginx at nginx.org
http://nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list