Re: Nginx CVE-2013-4547

To: debian-devel@lists.debian.org
Subject: Re: Nginx CVE-2013-4547
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Wed, 20 Nov 2013 14:05:26 +0100
Message-id: <[🔎] 880fb26357b51ac3236cb1259f84c979.squirrel@aphrodite.kinkhorst.nl>
In-reply-to: <[🔎] 6b7b9462839bae4ca2e03a4839be942d@yourcmc.ru>
References: <[🔎] 05e3cb67c40a8296b4691324d8ffee0c@yourcmc.ru> <[🔎] CAPDygewjgBgNDRqZTsgXwiWJHdzK6cSQ790B_oqy=qcg9Ttu8A@mail.gmail.com> <[🔎] 6b7b9462839bae4ca2e03a4839be942d@yourcmc.ru>

On Wed, November 20, 2013 13:37, vitalif@yourcmc.ru wrote:
>>> Is a Debian security update expected to come out for it?
>>
>> Yes. Nginx team has already submitted updated package to security team.
>
> Thanks for the information! I've actually found the bug stating this:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012
>
> And what's the Debian process for such updates? Is it described
> somewhere? I.e. what are the next steps that are done with such updates?

The process from a Debian user point of view is more or less described here:
http://www.debian.org/doc/manuals/securing-debian-howto/ch7.en.html


Thijs

Reply to:

References:
- Nginx CVE-2013-4547
  - From: vitalif@yourcmc.ru
- Re: Nginx CVE-2013-4547
  - From: Kartik Mistry <kartik.mistry@gmail.com>
- Re: Nginx CVE-2013-4547
  - From: vitalif@yourcmc.ru

Prev by Date: Re: Nginx CVE-2013-4547
Next by Date: Re: Subversion 1.8.4
Previous by thread: Re: Nginx CVE-2013-4547
Next by thread: Bug#730120: ITP: volatility-profiles -- Linux profiles to Volatility
Index(es):
- Date
- Thread