In case this helps, here's some documentation to test the issue with the
new upstream test cases:
https://wiki.debian.org/LTS/TestSuites/nginx
and my planned stretch package:
https://www.beuc.net/tmp/debian-lts/nginx/
Cheers!
Sylvain Beucler
Debian LTS Team
diff -Nru
Package: nginx
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security upstream
Hi,
The following vulnerability was published for ngx_lua.
CVE-2020-11724[0]:
| ngx_http_lua_subrequest.c allows HTTP request smuggling, as
| demonstrated by the ngx.location.capture API.
If you fix
2 matches
Mail list logo
