Advisories ยป MGASA-2013-0160

Updated nginx package fixes security vulnerability

Publication date: 06 Jun 2013
Modification date: 18 Jun 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-2070

Description

A security problem related to CVE-2013-2028 was identified, affecting some
previous nginx versions if proxy_pass to untrusted upstream HTTP servers is
used.  The problem may lead to a denial of service or a disclosure of a
worker process memory on a specially crafted response from an upstream
proxied server (CVE-2013-2070).

References

SRPMS

3/core