[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 404-1] nginx security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : nginx
Version        : 0.7.67-3+squeeze4+deb6u1
CVE ID         : CVE-2016-0742
Debian Bug     : 812806

It was discovered that there was a invalid pointer deference in nginx, a
small, powerful, scalable web/proxy server.  An invalid pointer
dereference might occur during DNS server response processing, allowing
an attacker who is able to forge UDP packets from the DNS server to cause
worker process crash

For Debian 6 Squeeze, this issue has been fixed in nginx version
0.7.67-3+squeeze4+deb6u1.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWqI/TAAoJEB6VPifUMR5YdrcP/20Tm257pxDmud0zbGC8OaJV
kciLXfhxIJhkzjNEDJW85uh9rIeeOabhoLDLm7uyN59v4W+tD4LVfYKHQ6XQ+RE+
dmxD+/YUzKAZzWuQVo0qNgVXuDaGrj+ajOjoZmA5avUuIbdeCQj8+ivxGLdiVj8o
jOi8fI89mk+RgrVpYhAkxngSU6ZjsAPGennaBDBfdZtcaNUsSbKbV1UUkTaFjvsK
QmqiYhnRSw27PlWqwQUO3nXlXrofT5qVQjmBcaDIVTU/fL5e4M3EBzXzLa7Tgg9y
4wFPa8OylPabwzb7jeW+J00BxDoX26+JmT/igaYro6M9I2aMTqoX5GhuFNE8dM/b
f3telwNfuS9xGlHJ7CC6iujBNtVahvSOrwCZsKBo1y62kCu6dDbFHg/WRkwJaIHh
F8cs9Ir9g8p7iYlBHqAD4oHSYarshKVDM54pnuU7dwViDYH6vRLxTgL97s9szv5d
4kMPW4DBqNsY3QtkOmyhZd5hsuWTcRqF93bT0MrLn3hZN9Rh/ej2BfJN4KKYb/KI
S/7AhrguVf5qV2blm1IB2/SX5+QiaynfgifmQoD/lgOSBe1103t7XlQDbQcL53NA
CSlRiqRcWjC8ZhUnLg7JCIEOf3M91FGieamdiMHto7+3ravqvAhMXVltJWf1LKk2
d31qs6mjeRRndWd8pfuw
=1Ljs
-----END PGP SIGNATURE-----


Reply to: