tag 761940 pending
thanks
Hello,
Bug #761940 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
http://git.debian.org/?p=collab-maint/nginx.git;a=commitdiff;h=b6807de
---
commit b6807de05a05c8f277ba30dbef1a528280139857
Author: Christos Trochalakis <[email protected]>
Date: Thu Sep 18 15:27:09 2014 +0300
Release 1.2.1-2.2+wheezy3
diff --git a/debian/changelog b/debian/changelog
index 9aaed10..8f8eb4c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+nginx (1.2.1-2.2+wheezy3) wheezy-security; urgency=high
+
+ * debian/patches/fix-CVE-2014-3616.patch:
+ CVE-2014-3616: It was possible to reuse cached SSL sessions in
+ unrelated contexts, allowing virtual host confusion attacks in some
+ configurations by an attacker in a privileged network position.
+ (Closes: #761940)
+
+ -- Christos Trochalakis <[email protected]> Thu, 18 Sep 2014 15:25:04
+0300
+
nginx (1.2.1-2.2+wheezy2) stable-security; urgency=high
* debian/patches/fix-CVE-2013-4547.patch:
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
