Debian Security Advisory
DLA-404-1 nginx -- LTS security update
- Date Reported:
- 27 Jan 2016
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 812806.
In Mitre's CVE dictionary: CVE-2016-0742.
- More information:
It was discovered that there was a invalid pointer deference in nginx, a small, powerful, scalable web/proxy server. An invalid pointer dereference might occur during DNS server response processing, allowing an attacker who is able to forge UDP packets from the DNS server to cause worker process crash
For Debian 6 Squeeze, this issue has been fixed in nginx version 0.7.67-3+squeeze4+deb6u1.