Key thing to check is if all binaries build with the --with-debug option. If they all build with it, then we are not vulnerable. (according to the Debian people)
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nginx in Ubuntu. https://bugs.launchpad.net/bugs/1294280 Title: [CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1294280/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs