Debian nginx gzip vulnerability

To: "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Subject: Debian nginx gzip vulnerability
From: Alejandro Betancor <Betancor@global.de>
Date: Wed, 10 Jun 2015 09:32:38 +0000
Message-id: <[🔎] 0B6E7DE9C27F3B40A85FB56BC130CB23200A5F68@global-ex1.global.local>

Hello friends.

I write to the list, because I’m using Debian Wheezy like a web server with nginx 1.6.0. I update my nginx to fix the problem with gzip compression, but I test the server and in this package we still have the problem. I wanna know in wich version of nginx is fixed this vulnerability. The CVE is CVE-2013-3587.

Thanks and all the best.

Alejandro Betancor

Reply to:

Follow-Ups:
- Re: Debian nginx gzip vulnerability
  - From: Paul Wise <pabs@debian.org>
- Re: Debian nginx gzip vulnerability
  - From: Joseph <joseph@netletter.at>

Prev by Date: re: [SECURITY] [DSA 3283-1] cups security update
Next by Date: Re: Debian nginx gzip vulnerability
Previous by thread: re: [SECURITY] [DSA 3283-1] cups security update
Next by thread: Re: Debian nginx gzip vulnerability
Index(es):
- Date
- Thread