To summarize the reasons for the changes on this bug done by me:
This CVE has already been "Fix Released" in Saucy, as part of the
1.4.1-1ubuntu2 package, and as part of the merge of 1.4.1-1 from Debian
with the ubuntu delta that exists.
The affected versions are in Precise, Quantal, and Raring, and I have
assigned myself to those, as I will be working on preparing debdiffs for
each of the affected releases, after which a member of the security team
will be able to take a look at the debdiffs for inclusion into the
security updates.
Lucid is not affected by this CVE.
** Changed in: nginx (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: nginx (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: nginx (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: nginx (Ubuntu Precise)
Assignee: (unassigned) => Thomas Ward (teward)
** Changed in: nginx (Ubuntu Quantal)
Assignee: (unassigned) => Thomas Ward (teward)
** Changed in: nginx (Ubuntu Raring)
Assignee: (unassigned) => Thomas Ward (teward)
** Changed in: nginx (Ubuntu)
Assignee: Thomas Ward (teward) => (unassigned)
** Changed in: nginx (Ubuntu Precise)
Status: New => Confirmed
** Changed in: nginx (Ubuntu Quantal)
Status: New => Confirmed
** Changed in: nginx (Ubuntu Raring)
Status: New => Confirmed
** Changed in: nginx (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1182586
Title:
CVE-2013-2070: nginx proxy_pass buffer overflow vulnerability
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1182586/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
