Advisories » MGASA-2016-0216

Updated nginx packages fix CVE-2016-4450

Publication date: 02 Jun 2016
Modification date: 02 Jun 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-4450

Description

Updated nginx package fixes security vulnerability:

A problem was identified in nginx code responsible for saving client request
body to a temporary file.  A specially crafted request might result in worker
process crash due to a NULL pointer dereference while writing client request
body to a temporary file (CVE-2016-4450).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18595
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450

SRPMS

5/core

• nginx-1.6.2-5.2.mga5