Format: 1.8
Date: Wed, 03 Feb 2016 08:38:22 -0500
Source: nginx
Binary: nginx nginx-doc nginx-common nginx-core nginx-core-dbg nginx-full nginx-full-dbg nginx-light nginx-light-dbg nginx-extras nginx-extras-dbg
Architecture: source
Version: 1.9.3-1ubuntu1.1
Distribution: wily-security
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 nginx      - small, powerful, scalable web/proxy server
 nginx-common - small, powerful, scalable web/proxy server - common files
 nginx-core - nginx web/proxy server (core version)
 nginx-core-dbg - nginx web/proxy server (core version) - debugging symbols
 nginx-doc  - small, powerful, scalable web/proxy server - documentation
 nginx-extras - nginx web/proxy server (extended version)
 nginx-extras-dbg - nginx web/proxy server (extended version) - debugging symbols
 nginx-full - nginx web/proxy server (standard version)
 nginx-full-dbg - nginx web/proxy server (standard version) - debugging symbols
 nginx-light - nginx web/proxy server (basic version)
 nginx-light-dbg - nginx web/proxy server (basic version) - debugging symbols
Launchpad-Bugs-Fixed: 1538165
Changes:
 nginx (1.9.3-1ubuntu1.1) wily-security; urgency=medium
 .
   * SECURITY UPDATE: multiple resolver security issues (LP: #1538165)
     - debian/patches/CVE-2016-074x-1.patch: fix possible segmentation fault
       on DNS format error.
     - debian/patches/CVE-2016-074x-2.patch: fix crashes in timeout handler.
     - debian/patches/CVE-2016-074x-3.patch: fixed CNAME processing for
       several requests.
     - debian/patches/CVE-2016-074x-4.patch: change the
       ngx_resolver_create_*_query() arguments.
     - debian/patches/CVE-2016-074x-5.patch: fix use-after-free memory
       accesses with CNAME.
     - debian/patches/CVE-2016-074x-6.patch: limited CNAME recursion.
     - CVE-2016-0742
     - CVE-2016-0743
     - CVE-2016-0744
Checksums-Sha1:
 512dc717195134046768770c7a5dad20e4d80ffa 2959 nginx_1.9.3-1ubuntu1.1.dsc
 6bfb9f00a0763f89edc7deb2abb6ab10717b7032 623144 nginx_1.9.3-1ubuntu1.1.debian.tar.xz
Checksums-Sha256:
 4b6665a66af3f33d4745903ad080361c238c3e9e42b3ff84d1bd5462aaa704f7 2959 nginx_1.9.3-1ubuntu1.1.dsc
 d8375da574d2d9d37098e05bba6f6854a14bfe6c7029a1f016f12b341f95e043 623144 nginx_1.9.3-1ubuntu1.1.debian.tar.xz
Files:
 f3c3cc7f93618559230ee6549274a529 2959 httpd optional nginx_1.9.3-1ubuntu1.1.dsc
 d8c7f37ce2589b260cb32f2a2d98eb25 623144 httpd optional nginx_1.9.3-1ubuntu1.1.debian.tar.xz
Original-Maintainer: Kartik Mistry <kartik@debian.org>