* SECURITY UPDATE: SPDY Heap Buffer Overflow Vulnerabilty (LP: #1294280)
- debian/patches/cve-2014-0133.patch: modify src/http/ngx_http_spdy.c to
fix a heap buffer overflow vulnerability in the SPDY module by using
a specially crafted request.
- CVE-2014-0133
-- Thomas Ward <email address hidden> Tue, 18 Mar 2014 21:17:14 -0400
This bug was fixed in the package nginx - 1.4.1-3ubuntu1.3
---------------
nginx (1.4.1-3ubuntu1.3) saucy-security; urgency=low
* SECURITY UPDATE: SPDY Heap Buffer Overflow Vulnerabilty (LP: #1294280) patches/ cve-2014- 0133.patch: modify src/http/ ngx_http_ spdy.c to
- debian/
fix a heap buffer overflow vulnerability in the SPDY module by using
a specially crafted request.
- CVE-2014-0133
-- Thomas Ward <email address hidden> Tue, 18 Mar 2014 21:17:14 -0400