tag name | v1.4.7 (18a92f0bb3048447bc1eb8da70d3a1c0089dda56) |
tag date | 2014-03-18 16:43:46 +0000 |
tagged by | Jon Kolb <kolbyjack@gmail.com> |
tagged object | commit 47c4fba86c... |
download | nginx-1.4.7.tar.gz |
---|
Changes with nginx 1.4.7 18 Mar 2014
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.