Le 2013-02-12 16:27, Thijs Kinkhorst a écrit :
Package: nginx
Version: 0.7.67-3
Severity: grave
Tags: security patch
Hi,
nginx in squeeze and wheezy is vulnerable to the SSL attack
CVE-2012-4929
dubbed 'CRIME'. The attack is related to SSL compression.
The popular solution to the attack is
Hi Cyril,
On Wed, February 13, 2013 14:55, Cyril LAVIER wrote:
Thanks for this report.
I think we have to include this patch in the nginx packages (stable and
unstable).
I don't actually know if you already prepared an upload, so I did it by
myself (and it was a great time to relearn how
Le 2013-02-13 15:36, Thijs Kinkhorst a écrit :
Hi Cyril,
On Wed, February 13, 2013 14:55, Cyril LAVIER wrote:
Thanks for this report.
I think we have to include this patch in the nginx packages (stable
and
unstable).
I don't actually know if you already prepared an upload, so I did it
by
On Wed, February 13, 2013 15:42, Cyril LAVIER wrote:
Le 2013-02-13 15:36, Thijs Kinkhorst a écrit :
Hi Cyril,
On Wed, February 13, 2013 14:55, Cyril LAVIER wrote:
Thanks for this report.
I think we have to include this patch in the nginx packages (stable
and
unstable).
I don't
Package: nginx
Version: 0.7.67-3
Severity: grave
Tags: security patch
Hi,
nginx in squeeze and wheezy is vulnerable to the SSL attack CVE-2012-4929
dubbed 'CRIME'. The attack is related to SSL compression.
The popular solution to the attack is to disable SSL compression. This is
what Apache has
5 matches
Mail list logo
