-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : nginx Version : 1.2.1-2.2+wheezy4+deb7u1 CVE ID : CVE-2017-7529 Debian Bug : #868109
It was discovered that there was vulnerability in the range filter of nginx, a web/proxy server. A specially crafted request might result in an integer overflow and incorrect processing of HTTP ranges, potentially resulting in a sensitive information leak. For Debian 7 "Wheezy", this issue has been fixed in nginx version 1.2.1-2.2+wheezy4+deb7u1. We recommend that you upgrade your nginx packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllnK9YACgkQHpU+J9Qx HliX5A//dPavm2srbLpx/CUhR2fJoy3fOK7+tbVc/5o/fNMCZD2mrHnvBKvxjoDP 6MDpgHdaqwRYh5hX2z5S2JPCLC+7DMT66AN790KOPPiM04Xm2Ob7h27x5wAf+lsM J31fuEiJmb+ovgyERwVnk5SpWxrfu5YVXaEfyUCbVDQ03LS6Fx/Qnhb9OlVlpRx0 ZD0HISjcHi7oJ8lXEhTEfEs6et3B+lO3MaZKeXdx74N3gqjo1U9sFcfVlxdw0AZ+ l+ofOxwSlLftJ7NyhhpDQmsONaCrwZE9srRtFX8EFuHF3RbKp8iBxOX6Wf2id/W0 KwKuMe6XbqwuFBm7jpbotAnGPIGa5JPoSQuaclMao5e69KvepFr1Z0QtG65tQidh sTNhuhgA4qZMRxUsobg1szxzc464mzHKpxcVwMTqXxbDCvFBAsBMtO5Djumtkg0G XDpAI0VQeyjju1aVESNL9kXAmtSGnUiCioo8Y+iJNGXinsljOh5WsK7HMshweCQD O39EJqS/OTRkHqZRJJeedEdv5OrrZxYHBm/gcmAW5ee68nVuD6mLrwQhdBAXW4tf hPn91J1++FLrS2wblBPIFyUptk+/hgorFPuBw4rLU0JadA6RWvwAwuvRJUTBD2xZ w8bPH1RE/7LT/X3ZXcH5O8Hbmu2u81mZ7RIL/URzjG2Snl+uFcI= =A9Fe -----END PGP SIGNATURE-----