** Changed in: nginx (Debian)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security] BREACH vulnerability is not
** Changed in: nginx
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security] BREACH vulnerability is not mitigated in default
** Changed in: nginx (Debian)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security] BREACH vulnerability is not mitigated in
** Changed in: nginx (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security] BREACH vulnerability is not mitigated in default
Additional notes:
Disabling HTTP-level compression by default is not a decent option to
solving this. Mitigation is mostly on an application level, then,
however there are third-party modules that can be included (in the
Universe binaries) which would add length hiding as a potential
mitigation
** Bug watch added: Debian Bug tracker #773332
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773332
** Also affects: nginx (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773332
Importance: Unknown
Status: Unknown
--
You received this bug notification because
** Changed in: nginx
Importance: Undecided = High
** Changed in: nginx
Importance: High = Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security]
** Changed in: nginx (Debian)
Status: Unknown = New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security] BREACH vulnerability is not mitigated in default
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-3587
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1403283
Title:
[Security] BREACH vulnerability is not