Date: Fri, 13 Apr 2012 15:04:10 +0200 From: Rodrigo OSORIO <rodrigo@bebik.net> To: freebsd-ports@freebsd.org Subject: nginx security update Message-ID: <20120413130409.GA17320@oldfaithful.bebik.local>
next in thread | raw e-mail | index | archive | help
Hi, A new entry seems to be needed in the vuxml database to report this new security issue for both nginx < 1.0.5 and nginx-dev < 1.1.19. Regards, Rodrigo OSORIO On 13/04/12 12:11 +0000, Sergey A. Osokin wrote: > osa 2012-04-13 12:11:04 UTC > > FreeBSD ports repository > > Modified files: > www/nginx Makefile distinfo > Log: > Security update from 1.0.14 to 1.0.15. > > <ChangeLog> > > *) Security: specially crafted mp4 file might allow to overwrite memory > locations in a worker process if the ngx_http_mp4_module was used, > potentially resulting in arbitrary code execution (CVE-2012-2089). > Thanks to Matthew Daley. > > *) Bugfix: in the ngx_http_mp4_module. > > </ChangeLog> > > Revision Changes Path > 1.318 +1 -1 ports/www/nginx/Makefile > 1.276 +2 -2 ports/www/nginx/distinfo > _______________________________________________ > cvs-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/cvs-ports > To unsubscribe, send any mail to "cvs-ports-unsubscribe@freebsd.org" ----- End forwarded message -----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120413130409.GA17320>