This bug was fixed in the package nginx - 1.4.1-3ubuntu1.3 --------------- nginx (1.4.1-3ubuntu1.3) saucy-security; urgency=low
* SECURITY UPDATE: SPDY Heap Buffer Overflow Vulnerabilty (LP: #1294280) - debian/patches/cve-2014-0133.patch: modify src/http/ngx_http_spdy.c to fix a heap buffer overflow vulnerability in the SPDY module by using a specially crafted request. - CVE-2014-0133 -- Thomas Ward <tew...@ubuntu.com> Tue, 18 Mar 2014 21:17:14 -0400 ** Changed in: nginx (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nginx in Ubuntu. https://bugs.launchpad.net/bugs/1294280 Title: [CVE-2014-0133] SPDY Heap Buffer Overflow Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1294280/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs