diff options
author | nginx <nginx@nginx.org> | 2014-03-18 16:43:46 +0000 |
---|---|---|
committer | Jon Kolb <kolbyjack@gmail.com> | 2014-03-18 16:43:46 +0000 |
commit | c6e7bb24dc541324343df6e734a44aa8e75b446f (patch) | |
tree | 6d8ff6e4a56a211e7cb04578877e4c00981c6da4 /src/http/ngx_http_parse.c | |
parent | 433c60ea060aa4be99c69bde2eda030f920c97ee (diff) | |
download | nginx-c6e7bb24dc541324343df6e734a44aa8e75b446f.tar.gz |
Changes with nginx 1.5.12 18 Mar 2014v1.5.12
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the "proxy_protocol" parameters of the "listen" and
"real_ip_header" directives, the $proxy_protocol_addr variable.
*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
Diffstat (limited to 'src/http/ngx_http_parse.c')
0 files changed, 0 insertions, 0 deletions