Maxim Dounin mdounin at
Tue May 7 11:29:46 UTC 2013

Changes with nginx 1.4.1                                         07 May 2013

    *) Security: a stack-based buffer overflow might occur in a worker
       process while handling a specially crafted request, potentially
       resulting in arbitrary code execution (CVE-2013-2028); the bug had
       appeared in 1.3.9.
       Thanks to Greg MacManus, iSIGHT Partners Labs.

Maxim Dounin

More information about the nginx mailing list