[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 55-1] nginx security update



Package        : nginx
Version        : 0.7.67-3+squeeze4
CVE ID         : CVE-2014-3616

Antoine Delignat-Lavaud discovered that it was possible to reuse SSL
sessions in unrelated contexts if a shared SSL session cache or the same TLS
session ticket key was used for multiple "server" blocks.

Attachment: signature.asc
Description: Digital signature


Reply to: