This bug was fixed in the package nginx - 0.6.35-0ubuntu1.1
---
nginx (0.6.35-0ubuntu1.1) jaunty-security; urgency=low
* SECURITY UPDATE: Buffer underflow vulnerability, which allows remote
attackers to execute arbitrary code via crafted HTTP request. (LP: #430064)
-
** Changed in: nginx (Ubuntu)
Assignee: Marc Deslauriers (mdeslaur) = (unassigned)
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
In prior comments it was said that this security problem was fixed in
0.7.61. According to http://nginx.net/CHANGES-0.7 it was actually fixed
in 0.7.62. There were also a number of other bug fixes in 0.7.62. The
karmic package page currently lists 0.7.61 as the distribution release.
Please
Regarding last comment, as of this writing Debian sid is at 0.7.62-1.
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
mdepot: I think the fix has been backported to Ubuntu's 0.7.61-1ubuntu2
- at least that's what I understand from the changelog.
What's in progress now is probably the processing for previous Ubuntu
releases, and it should get handled through tasks for the particular
releases (i.e. a task for
** Changed in: nginx (Ubuntu)
Status: In Progress = Fix Committed
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
** Changed in: nginx (Ubuntu)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Attaching security update debdiff for Jaunty.
** Attachment added: nginx_0.6.35-0ubuntu1.1.debdiff
http://launchpadlibrarian.net/32624109/nginx_0.6.35-0ubuntu1.1.debdiff
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug
Attaching Security update debdiff for Intrepid.
** Attachment added: nginx_0.6.32-3ubuntu1.1.debdiff
http://launchpadlibrarian.net/32624115/nginx_0.6.32-3ubuntu1.1.debdiff
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug
Attaching Security Update debdiff for Hardy
** Attachment added: nginx_0.5.33-1ubuntu0.1.debdiff
http://launchpadlibrarian.net/32624138/nginx_0.5.33-1ubuntu0.1.debdiff
** Changed in: nginx (Ubuntu)
Status: Fix Released = In Progress
** Changed in: nginx (Ubuntu)
Assignee: Andres
Test performed to this point where to verify the build and normal
installation and operation of nginx, this far everything works as
expected.
Built packages can be found at:
https://launchpad.net/~andreserl/+archive/ha
--
Security fix in recent release 0.6.39/DSA-1884-1
This bug was fixed in the package nginx - 0.7.61-1ubuntu2
---
nginx (0.7.61-1ubuntu2) karmic; urgency=low
* Install html files.
- debian/dirs: Add 'var/www/nginx-default'.
- debian/nginx.install: Add 'html/* var/www/nginx-default'.
* SECURITY UPDATE (CVE-2009-2629):
** Tags added: patch
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
Dear Andres
Can you please change nginx version from 0.5.33 to 0.6.39 (which is patched
one too) in 8.0.4 LTS
We're very interesting in this by using new nginx features and options
Thanks in advance, MaxIgor
--
Security fix in recent release 0.6.39/DSA-1884-1
There is already a backports package that has 0.6:
http://packages.ubuntu.com/hardy-backports/nginx
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2629
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
** Changed in: nginx (Ubuntu)
Status: In Progress = Triaged
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
patch: http://sysoev.ru/nginx/patch.180065.txt
Affected 0.1.0-0.8.14.
Not affected 0.8.15, 0.7.62, 0.6.39 and 0.5.38
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Changed in: nginx (Ubuntu)
Status: New = Confirmed
** Changed in: nginx (Ubuntu)
Importance: Undecided = High
** Changed in: nginx (Ubuntu)
Assignee: (unassigned) = Andres E. Rodriguez Lazo (andreserl)
--
Security fix in recent release 0.6.39/DSA-1884-1
** Changed in: nginx (Ubuntu)
Status: Confirmed = In Progress
--
Security fix in recent release 0.6.39/DSA-1884-1
https://bugs.launchpad.net/bugs/430064
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
20 matches
Mail list logo