Correct me if I'm wrong, but doesn't this bug affect OpenSSL? The Security team released a fix for this in OpenSSL.
I will check to see if it's statically linked, but the last I checked it was not. I haven't recently checked this though. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nginx in Ubuntu. https://bugs.launchpad.net/bugs/1304304 Title: nginx ubuntu package possibly affected by CVE 2014-0160 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1304304/+subscriptions -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
