[ubuntu/precise-updates] nginx 1.1.19-1ubuntu0.7 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Jan 6 18:58:16 UTC 2015
nginx (1.1.19-1ubuntu0.7) precise-security; urgency=medium
* SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
- debian/patches/CVE-2014-3616.patch: Use a random value for session id
context, since there is no support for shared TLS Session Tickets in
this version in src/event/ngx_event_openssl.c.
- CVE-2014-3616
Date: 2015-01-06 14:38:16.308251+00:00
Changed-By: Lev Lazinskiy <lev at levlaz.org>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/nginx/1.1.19-1ubuntu0.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list