[Bug 1294280] Re: [CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability

Launchpad Bug Tracker Thu, 20 Mar 2014 15:11:55 -0700

This bug was fixed in the package nginx - 1.4.1-3ubuntu1.3

---------------
nginx (1.4.1-3ubuntu1.3) saucy-security; urgency=low


  * SECURITY UPDATE: SPDY Heap Buffer Overflow Vulnerabilty (LP: #1294280)
    - debian/patches/cve-2014-0133.patch: modify src/http/ngx_http_spdy.c to
      fix a heap buffer overflow vulnerability in the SPDY module by using
      a specially crafted request.
    - CVE-2014-0133
 -- Thomas Ward <[email protected]>   Tue, 18 Mar 2014 21:17:14 -0400

** Changed in: nginx (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1294280

Title:
  [CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1294280/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1294280] Re: [CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability

Reply via email to