Re: nginx and CVE-2016-4450

To: Rodrigo Campos <rodrigo@sdfg.com.ar>
Cc: debian-backports@lists.debian.org, Christos Trochalakis <yatiohi@ideopolis.gr>, nginx@packages.debian.org
Subject: Re: nginx and CVE-2016-4450
From: James Lu <bitflip3@gmail.com>
Date: Fri, 3 Jun 2016 18:11:07 -0700
Message-id: <[🔎] dd2b51d1-c45a-6f79-9408-79466dadb2f1@gmail.com>
In-reply-to: <[🔎] 20160603213132.GE12252@sdfg.com.ar>
References: <[🔎] 20160603213132.GE12252@sdfg.com.ar>

Hi everyone,

Seeing as this was a security update, I backported nginx locally on a
server running Jessie. The results are at
https://overdrivenetworks.com/f/nginx-1.10.1-1~bpo8+1/ (signed) if there
is any interest.

CC'ing the nginx maintainers as it's probably more reliable for them to
continue maintaining backports in the long run.

Best,
James

On 03/06/16 02:31 PM, Rodrigo Campos wrote:
> Hi,
>
> There is a security bug that affects nginx in jessie backports, CVE-2016-4450, and
> that bug has been fixed in stable and unstable. Can it be fixed in jessie
> backports too, please? :)
>
>
>
> Thanks a lot,
> Rodrigo
>

Reply to:

Follow-Ups:
- Re: nginx and CVE-2016-4450
  - From: Christos Trochalakis <yatiohi@ideopolis.gr>

References:
- nginx and CVE-2016-4450
  - From: Rodrigo Campos <rodrigo@sdfg.com.ar>

Prev by Date: nginx and CVE-2016-4450
Next by Date: Re: mcelog bpo for hardware enablement?
Previous by thread: nginx and CVE-2016-4450
Next by thread: Re: nginx and CVE-2016-4450
Index(es):
- Date
- Thread