[Bug 1294280] Re: [CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability
Launchpad Bug Tracker
1294280 at bugs.launchpad.net
Thu Mar 20 22:05:34 UTC 2014
This bug was fixed in the package nginx - 1.4.1-3ubuntu1.3
---------------
nginx (1.4.1-3ubuntu1.3) saucy-security; urgency=low
* SECURITY UPDATE: SPDY Heap Buffer Overflow Vulnerabilty (LP: #1294280)
- debian/patches/cve-2014-0133.patch: modify src/http/ngx_http_spdy.c to
fix a heap buffer overflow vulnerability in the SPDY module by using
a specially crafted request.
- CVE-2014-0133
-- Thomas Ward <teward at ubuntu.com> Tue, 18 Mar 2014 21:17:14 -0400
** Changed in: nginx (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1294280
Title:
[CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1294280/+subscriptions
More information about the Ubuntu-server-bugs
mailing list